CROSS-REFERENCE TO RELATED APPLICATION
This application claims priority to U.S. Provisional Patent Application No. 62/359,827, filed Jul. 8, 2016, the entire contents of which are herein incorporated by reference in their entirety.
TECHNICAL FIELD
This disclosure relates to network communication using an addressing schema, and more particularly to Internet protocol (IP) network communication using an addressing schema to establish communications between devices in private networks.
BACKGROUND
Devices may communicate with other devices via public and/or private networks. A public network, such as the Internet, may be accessible by devices, regardless of where the device resides. A private network allows devices that reside within the private network to securely communicate with one another via intra-net communication. A device within one private network may establish inter-net communication (that is, communicate with another device residing in a different network than the one it resides in) with another, remote device.
A private network may include a host and a gateway. In a private network, a host may be assigned a unique native address that may be secretive within the private network and used only by other devices within that private network. Within the private network, different hosts communicate to each other using their native addresses. The native addresses are opaque to others residing outside of the private network.
A gateway or edge router, which connects a private network to a public network such as the Internet, is assigned a unique, or potentially more than one, public address. The public address is globally visible. Therefore, the public address has meaning within a public network and may be utilized by other devices to communicate with the gateway. Devices within different private networks communicate with each other, via the public network, using public addresses. A public address of a gateway may also be associated with the hosts that reside in the same private network as the gateway.
In order for a first host located in a first private network to communicate with a second host located in a second private network (where the second private network is different than the first private network), a tunnel such as a virtual private network (VPN) may be used.
SUMMARY
The following presents a simplified summary of various aspects of this disclosure in order to provide a basic understanding of such aspects. This summary is not an extensive overview of the disclosure. It is intended to neither identify key or critical elements of the disclosure, nor delineate any scope of the particular implementations of the disclosure or any scope of the claims. Its sole purpose is to present some concepts of the disclosure in a simplified form as a prelude to the more detailed description that is presented later.
In an aspect of the present disclosure, an address mapper receives a request for a mapped address. The mapped address includes one of a native address or a system address. The system address includes another native address and a reference value. The reference value is associated with a host. The reference value includes an opaque binary value of an arbitrary size, and the reference value is subdivided into a plurality of fields associated with the host. An address mapping engine obtains the mapped address. In response to the mapped address being the system address, the address mapping engine obtains the system address. In response to the mapped address being the native address, the address mapping engine obtains the native address. The native address is determined in view of an existing network protocol.
In another aspect of the present disclosure, an address mapping system is described. The address mapping system includes an address mapping engine and a gateway. The address mapping engine includes multiple mappings of respective input addresses to respective output addresses. The gateway includes a packet processing that communicates with the address mapping engine with respect to output addresses. The gateway replaces an input address with an output address. The output address includes one of a native address, a translated native address or a system address.
Computing devices for performing the operations of the above described method and the various implementations described herein are disclosed. Computer-readable storage media that store instructions for performing operations associated with the above described method and the various implementations described herein are also disclosed.
BRIEF DESCRIPTION OF THE DRAWINGS
The present disclosure is illustrated by way of example, and not by way of limitation, in the figures of the accompanying drawings, in which:
FIG. 1A is a block diagram illustrating a networking system of prior art, in accordance with an implementation of the disclosure;
FIG. 1B illustrates packet flow of prior art, in accordance with an implementation of the disclosure;
FIG. 2 illustrates an exemplary system address, in accordance with an implementation of the disclosure;
FIG. 3 illustrates an exemplary system architecture for providing system addresses to facilitate network communications, in accordance with an implementation of the disclosure;
FIG. 4A is a flowchart of a method of providing system addresses, in accordance with an implementation of the disclosure;
FIG. 4B is a flowchart of a method of providing mapped addresses, in accordance with an implementation of the disclosure;
FIG. 5A illustrates a block diagram of a networking system, in accordance with an implementation of the disclosure;
FIG. 5B illustrates packet flow, in accordance with an implementation of the disclosure;
FIG. 6A illustrates a block diagram of a networking system in a compatibility mode, in accordance with an implementation of the disclosure;
FIG. 6B illustrates packet flow in a compatibility mode, in accordance with an implementation of the disclosure;
FIG. 6C illustrates packet flow in a mixed networking system, in accordance with an implementation of the disclosure;
FIG. 7 is a flowchart of a method of obtaining an address of a host, in accordance with an implementation of the disclosure; and
FIG. 8 illustrates a block diagram illustrating an exemplary computer device operating in accordance with an implementation of the disclosure.
DETAILED DESCRIPTION
Aspects and implementations of the present disclosure are directed to network communications, especially inter-network communications, using an addressing schema. A method, system and apparatus for such network communications is described. Traditionally, in order for a first device residing in a first network to communicate with a second device residing in a second network, inter-network communication is established. Typically, the first device sends data in the form of one or more packets to a first gateway (also residing in the first network) to transmit to a second gateway (residing in the second network), via a third network. The second gateway then transmits the data to the second device. The first and second networks may be independent, private networks and may establish communication between residing devices via a public network. The third network may be a public network.
Devices located in a private network may communicate with each other using one another's native addresses (e.g., addresses that may be locally assigned to hosts within a private network). An example of a native address is an Internet Protocol (IP) address. A native address of a host may not be globally reachable by other devices from outside the private network. Therefore, hosts within a private network may not be able to communicate directly with hosts outside the private network. Some examples of such networks include: private business networks, internal government networks, home networks, or any networks isolated for operational, security, or any other reasons.
As networks expand and grow, inter-network communication may become less secure. Furthermore, native addresses of various devices may be represented by different formats, and various networks and/or devices may be incompatible with others, which may lead to further difficulty in inter-network communication.
Implementations of the disclosure address the above deficiencies by allowing collaboration between devices residing in different networks (such as private networks). Networks may include additional devices such as address mappers and DNS query interceptors that provide system addresses that are mapped to native addresses. By using the mappings, communication may be established between two or more hosts residing on incompatible networks, networks running custom protocols, or networks with non-standard characteristics such as classified networks, space networks, etc. The present disclosure allows third party entities, such as corporations, universities, government agencies, etc., to securely engage in inter-network communication without creating dedicated VPN networks.
Various aspects of the above referenced methods and systems are described in detail herein below by way of examples, rather than by way of limitation.
FIG. 1A is a block diagram 140 illustrating a networking system of prior art. Block diagram 140 depicts a local network1 (101), a domain name system (DNS) 100, a public network 110, and a local network2 (102). Local network1 (101) includes an address mapper 103, a host5 (H5) (105) and a gateway1 (GW1) (107). Local network2 (102) includes an address mapper 104, a gateway2 (GW2) (108) and a host6 (H6) (106). In block diagram 140, network address translation (NAT) may be utilized to map an IP address to a modified address when packets are routed. The components in block diagram 140 may use native addresses and modified addresses of hosts during communication.
As depicted, an address of host5 (105) is 172.17.0.5; an address of gateway1 (107) is 11.0.0.1; an address of gateway2 (108) is 22.0.0.2; and an address of host6 (106) is 172.24.0.6. These addresses may be referred to as respective native addresses of the devices. DNS maps an address of host5 to gateway1 (107)'s address: 11.0.0.1 and an address of host6 (106) to gateway2 (108)'s address: 22.0.0.2. Gateway1 (107)'s address and gateway2 (108)'s address are public addresses, which are visible and reachable by other local networks (not depicted) that have access to public network 110. The public addresses are globally unique within public network 110.
Gateway1 (107) and gateway2 (108) may also be referred to as NAT routers or edge routers. Gateway1 (107) and gateway2 (108) may translate addresses of local hosts, host5 (105) and host6 (106), respectively, to their own public addresses or potentially to one of the public addresses from an available pool of addresses. Address mapper 103 and address mapper 104 may perform the function of such translation.
Suppose that host5 (105), residing within local network1 (101), wishes to communicate with host6 (106), residing within local network2 (102). Host5 (105) may transmit data to host6 (106) using a packet or multiple packets. A packet may include, among other things, a header and payload. The header may include an address identifying a source of the packet (e.g., an address of host5 (105)) and an address identifying a destination of the packet (e.g., an address of the host6 (106)). The packet may be transmitted by host5 (105) to host6 (106), via gateway1 (107) and gateway2 (108). As depicted, gateway1 (107) communicates with gateway2 (108) via public network 110. Details regarding changes to the packet header during transmission are depicted herein with respect to FIG. 1B.
FIG. 1B illustrates packet flow 120 of prior art. The top portion of FIG. 1B illustrates packet header details with respect to transmission of a packet from host5 (105) to host6 (106). The bottom portion of FIG. 1B illustrates packet header details with respect to transmission of a packet from host6 (106) to host5 (105). Packet 121 is a packet originating from host5 (105). Host5 (105) inserts its own address (172.19.0.5) into a portion of the header and an address of host6 (106) into another portion of the header. Host5 (105) acquires the address of host6 (106) (i.e., 22.0.0.2) from DNS 100 (depicted in FIG. 1A). DNS, after receiving a request from host5 (105) for host6 (106)'s address, returns an address of host6 (106) as the address of host6 (106)'s gateway, gateway2 (108). Host5 (105) may then transmit the packet to gateway1 (107). Thus, packet 121 transmitted by host5 (105) to gateway1 (107) contains a source address: 172.19.0.5 and a destination address: 22.0.0.2.
When packet 121 arrives at gateway1 (107), gateway1 (107) transforms it into packet 122. In packet 122, gateway1 (107) changes the source address to its address (e.g., 11.0.0.1) but does not change the destination address. Gateway1 (107) may then transmit the packet to gateway2 (108) (via public network 110). Thus, packet 122 transmitted by gateway1 (107) contains a source address: 11.0.0.1 and a destination address: 22.0.0.2.
After transmission over public network 110, packet 122 arrives at gateway2 (108). Gateway2 (108) creates packet 123 which translates the destination address to the native address of host6 (106). Gateway2 (108) does not change the source address. Gateway2 (108) may then transmit packet 123 to host6 (106). Thus, packet 123 transmitted by gateway2 (108) to host6 (106) contains a source address: 11.0.0.1 and a destination address: 172.24.0.6.
Packet 123 arrives at host6 (106) and no further changes to addresses are made. Thus, an application running on host6 (106) receives a packet containing a source address: 11.0.0.1 and a destination address: 172.24.0.6.
When host6 (106) wishes to transmit a response to the packet to host5 (105), host6 (106) creates a packet 125. Host6 (106) inserts its own address (172.24.0.6) into a portion of the header and an address of host5 (105) into another portion of the header. Since host6 (106) responds to a packet received from host5 (105), host6 (106) does not need to query DNS 100 because it already has host5 (105)'s address. If an application on host6 (106) wished to originate communication with host5 (105), host6 (106) would query DNS 100, similarly to the way host5 (105) did. Once host6 (106) acquires the address of host5 (105), it may then transmit the packet to gateway2 (108). Thus, packet 125 transmitted by host6 (106) to gateway2 (108) contains a source address: 172.24.0.6 and a destination address: 11.0.0.1.
When packet 125 arrives at gateway2 (108), gateway2 (108) transforms it into packet 126. In packet 126, gateway2 (108) changes the source address to its address (e.g., 22.0.0.2) but does not change the destination address. Gateway2 (108) may then transmit the packet to gateway1 (107) (via public network 110). Thus, packet 126 transmitted by gateway2 (108) contains a source address: 22.0.0.2 and a destination address: 11.0.0.1.
After transmission over public network 110, packet 126 arrives at gateway1 (107). Gateway1 (107) creates packet 127 which translates the destination address to the native address of host5 (105). Gateway1 (107) does not change the source address. Gateway1 (107) may then transmit packet 127 to host5 (105). Thus, packet 127 transmitted by gateway1 (107) to host5 (105) contains a source address: 22.0.0.2 and a destination address: 172.19.0.5.
Packet 127 arrives at host5 (105) and no further changes to addresses are made. Thus, an application running on host5 (105) receives a packet containing a source address: 22.0.0.2 and a destination address: 172.19.0.5.
Prior art may be limited in that only one local host may be identified with its gateway's address. To remedy such limitation for user datagram protocol (UDP) and transmission control protocol (TCP), hosts may be further identified by not just their gateway addresses but also by port numbers. However, such a remedy supports only a limited number of hosts and limited protocols. Prior art systems may also be limited as they may not allow communication between multiple private networks that may not be compatible with one another and operate using different protocols. The disclosure provides robust solutions that enhance security and allow both compatible and incompatible networks to establish internetwork communications. The present disclosure utilizes a system and method for network communication using an addressing schema which can be used to identify the source address and/or the destination address in a packet.
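The header rewrites of FIG. 1B and the one-host-per-gateway-address limitation can be replayed in a few lines. This is an added example, not part of the original disclosure; the class and function names are hypothetical, the addresses are those of the FIG. 1B description, and 172.24.0.7 is a constructed second host.

```python
from dataclasses import dataclass, replace

# Addresses as given in the FIG. 1B description above.
H5, GW1, GW2, H6 = "172.19.0.5", "11.0.0.1", "22.0.0.2", "172.24.0.6"


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str


class NatGateway:
    """Prior-art edge router (hypothetical model): one public address that
    stands for exactly one inside host."""

    def __init__(self, public_addr: str, inside_host: str):
        self.public_addr = public_addr
        self.inside_host = inside_host

    def outbound(self, pkt: Packet) -> Packet:
        # Leaving the private network: the source becomes the gateway's
        # public address, the destination is left untouched.
        return replace(pkt, src=self.public_addr)

    def inbound(self, pkt: Packet) -> Packet:
        # Entering the private network: the destination becomes the inside
        # host's native address, the source is left untouched.
        if pkt.dst != self.public_addr:
            raise ValueError(f"{pkt.dst} is not served by this gateway")
        return replace(pkt, dst=self.inside_host)


def trace_fig_1b() -> dict:
    """Replay packets 121-123 (request) and 125-127 (response)."""
    gw1, gw2 = NatGateway(GW1, H5), NatGateway(GW2, H6)
    p121 = Packet(src=H5, dst=GW2)       # DNS returned gateway2's address for host6
    p122 = gw1.outbound(p121)
    p123 = gw2.inbound(p122)
    p125 = Packet(src=H6, dst=p123.src)  # the reply goes to the source host6 saw
    p126 = gw2.outbound(p125)
    p127 = gw1.inbound(p126)
    return {121: p121, 122: p122, 123: p123, 125: p125, 126: p126, 127: p127}


def inside_hosts_reachable(gateway: NatGateway, inside_hosts: list) -> set:
    """Which inside hosts can an outside sender reach through this gateway?
    The header carries only the public address, so the result never has more
    than one element, however many hosts sit behind the gateway."""
    delivered = gateway.inbound(Packet(src=GW1, dst=gateway.public_addr)).dst
    return {h for h in inside_hosts if h == delivered}


if __name__ == "__main__":
    for number, pkt in trace_fig_1b().items():
        print(f"packet {number}: src={pkt.src:<12} dst={pkt.dst}")
    # 172.24.0.7 is a constructed second host behind gateway2.
    print(inside_hosts_reachable(NatGateway(GW2, H6), [H6, "172.24.0.7"]))
```

Neither end host ever sees the other's native address: host6 receives 11.0.0.1 as the source, so any access decision it makes applies to everything behind gateway1.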
FIG. 2 illustrates an exemplary system address. A native address 210 may be an address associated with a source or a destination identified in a packet. Native address 210 may be an IPv4 address (e.g., 22.0.0.2), an IPv6 address (e.g., 2002:420:2468:2::8), or another address. IPv4 refers to Internet protocol version 4, which is one underlying technology used to enable the Internet. A device accessing the Internet may be assigned a unique, numerical IP address expressed using an IPv4 format. IPv4 address format may be expressed as: x.x.x.x, where “x” is an octet which is a decimal value between 0 and 255. IPv6 refers to the sixth revision to the Internet protocol. It may function similarly to IPv4 in that it may provide the unique, numerical IP addresses for Internet-enabled devices to communicate. IPv4 utilizes 32 bits whereas IPv6 utilizes 128 bits. Native address 210 may be an address of a source address or a destination address included in a packet. Suppose for example that a first host wishes to transmit data to a second host. The first host may transmit the data via one or more packets. In an implementation, a packet may include, among other things, a header and payload. The header may include a source address identifying a source of the packet (e.g., an address of the first host) and a destination address identifying a destination of the packet (e.g., an address of the second host).
A system address 220 includes a native address 221, i.e. an address in the format of an existing network protocol supported by a local gateway, and a reference 222. Native address 221 is also an address of an existing protocol but it is not necessarily the same as address 210. It may be a different native protocol address, e.g. IPv4 vs IPv6, and it may have a different value. Reference 222 is a value, such as an arbitrary value, that may be included with either or both source and destination addresses contained in a packet. A reference may be calculated using an algorithm or an arbitrary value that is associated with native address and is subject to mapping, transformations, or other calculations to produce a system address recognized by a particular networking system. The reference may be provided in every packet and can be included with either or both source and destination addresses. In an example, as depicted by FIG. 2, reference 222 has a numerical value of “266” in the IPv4 compatible address and “288” in the IPv6 compatible address. In the depiction, the notation of the system address uses a “+” symbol to separate a native address 221 from reference 222. In other notations, system address may be depicted using other symbols or means of association.
In an implementation, the value of the references may be determined by a device such as an address mapper or a host (or another device) and may include a lookup, an explicit configuration, or a random assignment. The address mappers may assign reference values, and hosts and gateways may use them. The address mappers may allocate reference values based on information acquired from the gateways, query interceptors, its own stored data, and/or the configuration. The address mappers may use arbitrary algorithms in the process of allocating references. The address mappers may use configuration directly, where the values of the references would be pre-assigned by a system administrator. The address mappers may alternatively use a dynamic lookup where the values of the references would be looked up in a table that may change periodically. The address mappers may further use a random selection from a pool of references. Alternatively, the address mappers may use any other algorithm that produces a valid reference.
In an implementation, a reference may be interpretable within and have a meaning within the local network in which the origination host resides. A reference may be an opaque binary value to other networks outside of a host's local or originating network. An opaque value may not be transparent or interpretable by other networks. In an implementation, a portion of the reference may be assigned to facilitate system operations. In one example, the system address may include an explicit null reference. The explicit null reference may indicate that a gateway should interpret a native address portion of the system address directly without consulting address mappers. In another example, a network administrator may deliberately assign meanings to otherwise opaque references and convey that meaning to other networks (e.g., reference 1000 could indicate hosts with a website representing the network).
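A strict parser for the "+" notation of FIG. 2, with the gateway's three-way decision on the reference, is sketched below as an added example that is not part of the original disclosure. The names are hypothetical, pairing 22.0.0.2 with 266 and 2002:420:2468:2::8 with 288 is a constructed sample, and treating reference 0 as the explicit null reference is an assumption, since the text does not say how a null reference is encoded.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional, Union

NULL_REFERENCE = 0  # assumption: the encoding of the explicit null reference is not given


@dataclass(frozen=True)
class SystemAddress:
    native: Union[ipaddress.IPv4Address, ipaddress.IPv6Address]
    reference: Optional[int] = None  # None: plain native address, no reference

    def reference_bytes(self) -> bytes:
        """The reference as an opaque binary value of whatever size it needs."""
        if self.reference is None:
            return b""
        size = max(1, (self.reference.bit_length() + 7) // 8)
        return self.reference.to_bytes(size, "big")

    def __str__(self) -> str:
        if self.reference is None:
            return str(self.native)
        return f"{self.native}+{self.reference}"


def parse_address(text: str) -> SystemAddress:
    """Parse 'native' or 'native+reference'; anything else raises ValueError."""
    text = text.strip()
    native_text, plus, ref_text = text.rpartition("+")
    if not plus:
        # No separator at all: an ordinary native address.
        return SystemAddress(ipaddress.ip_address(text))
    if not (ref_text.isascii() and ref_text.isdigit()):
        raise ValueError(f"reference must be a non-negative decimal integer: {text!r}")
    # ip_address() rejects an empty or malformed native part with ValueError.
    return SystemAddress(ipaddress.ip_address(native_text), int(ref_text))


def gateway_action(addr: SystemAddress) -> str:
    """What a gateway does with an address, following the paragraph above."""
    if addr.reference is None:
        return "route-native"              # existing protocol, nothing to map
    if addr.reference == NULL_REFERENCE:
        return "route-native-skip-mapper"  # explicit null: do not consult mappers
    return "consult-address-mapper"        # reference is opaque here, mapper decides


if __name__ == "__main__":
    for sample in ("22.0.0.2", "22.0.0.2+266", "2002:420:2468:2::8+288", "10.0.0.1+0"):
        parsed = parse_address(sample)
        print(f"{sample:<26} {gateway_action(parsed):<26} ref={parsed.reference_bytes().hex()}")
```

Rejecting malformed input at the parser keeps a gateway from handing a half-parsed address to the mapper; the reference itself stays opaque and is only ever compared or looked up.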
FIG. 3 illustrates an exemplary system architecture 300 for providing system addresses to facilitate network communications. System architecture 300 includes a local network A 320, DNS 306, a network 305, and a local network B 340. In an implementation, DNS 306 (depicted by a block outlined in dashed lines) may be an optional component of system architecture 300. Local network A 320 includes an address mapper 304, a database (DB) 363 (or data store or storage system), a DNS query interceptor 365, a gateway 310, and multiple hosts including host1 (312), . . . , host5 (314). Address mapper 304 includes access point (AP)1 (361), . . . , access point2 (362), and an address mapping engine 364. Gateway 310 includes access point (AP)1 (351), . . . , access point2 (352), network stack1 (391), . . . , network stack2 (392), and a packet processing unit 353. Host1 (312), . . . , host5 (314) each include a network interface 316, a network stack 317, and a name resolution client 318.
Local network B (340) includes an address mapper 324, a database (DB) 383, a DNS query interceptor 385, a gateway 330 and multiple hosts including host1 (332), . . . , host6 (334). Address mapper 324 includes access point (AP)1 (381), . . . , access point2 (382), and an address mapping engine 384. Gateway 330 includes access point (AP)1 (371), . . . , access point2 (372), network stack1 (393), . . . , network stack2 (394), and a packet processing unit 373. Host1 (332), . . . , host6 (334) includes a network interface 336, a network stack 367, and a name resolution client 368.
The term “database” as used herein, refers to any form of one or more (or combination of) relational databases, object-oriented databases, hierarchical databases, network databases, non-relational (e.g., NoSQL) databases, key-value stores, document store databases, in-memory databases, programs, tables, files, lists, or any form of programming structure or structures that function to store data as described herein.
Although the depicted implementation in FIG. 3 depicts hosts1 (312), host5 (314), host1 (332), and host6 (334), in other implementations, fewer or greater number of hosts than depicted may be utilized. Additionally, although FIG. 3 depicts access point1 (351), access point1 (361), access point1 (371), access point1 (381), access point2 (352), access point2 (362), access point2 (372), and access point2 (382), in other implementations, fewer or greater number of access points than depicted may be utilized. Furthermore, although FIG. 3 depicts network stack1 (391), network stack2 (392), network stack1 (393), and network stack2 (394), in other implementations, fewer or greater number of network stacks than depicted may be utilized.
In one implementation, network 305 may include a public network (e.g., the Internet), a private network (e.g., a local area network (LAN) or wide area network (WAN)), a wired network (e.g., Ethernet network), a wireless network (e.g., an 802.11 network or a Wi-Fi network), a cellular network (e.g., a Long Term Evolution (LTE) network), routers, hubs, switches, server computers, and/or a combination thereof.
A private network may include multiple devices (also referred to as components) such as hosts, switches, hubs, bridges, routers, and gateways that may directly communicate with each other without having to communicably couple to a public network. Gateways may connect devices within one private network to devices within another private network via a public network. A public network (such as the Internet) refers to a network system where devices may be reached directly via their native address. A public network may utilize a global uniqueness of addresses assigned to devices and connect devices to other devices via the globally unique address. Addresses assigned to devices within a private network may be unique within that particular private network. Therefore, private networks may utilize their own addressing schema and a device may be assigned an address that is unique within that particular private network. In an implementation, it may be possible for a first device in a first network to have an assigned address that is unique within the first network and a second device in a second network to have the same assigned address which is unique within the second network.
In one implementation, DNS 306 may be a hierarchical decentralized naming system for computers, services, or other resources connected to the public network such as the Internet or a private network. DNS 306 may associate address information assigned to each of the hosts participating in internetwork communications or delegate the responsibility of assigning names of hosts or domain names and mapping of the names to numerical native addresses associated with the hosts. A domain name may be an identification string that defines a realm of administrative autonomy, authority or control within the Internet, or a part of a network address that identifies it as belonging to a particular domain. A host name may refer to a name assigned to a host. A domain name or a host name may be human readable and a host may not use the domain name or the host name for direct communication. The domain name or the host name may be translated to a numerical native address using a name resolution system such as DNS 306. A name resolution system may refer to a system that allows host names to be translated into native addresses. Additionally, DNS 306 may include a name resolution protocol in which Internet domain names may be located by searching a database (either internal or external to DNS 306) and translated into Internet Protocol (IP) addresses. Internet domain names are text-based identifiers used to label an Internet resource (a personal computer, a server computer hosting a website, networks, services, etc.). DNS 306 may further convert names associated with hosts to IP addresses, and vice-versa. In one implementation, DNS 306 may list references along with associated native addresses in a database (not depicted). DNS 306 may work with an existing domain name system by either introducing another record type or by using a free form record type such as text strings. A record is a database entry that may contain one or more values.
In one implementation, DNS 306 may be one or more computing devices (e.g., a rackmount server, a server computer, etc.).
In one implementation, address mapper 304 and/or address mapper 324 may include dedicated hardware or software in one or more computing devices (e.g., a personal computer, a laptop, a rackmount server, a server computer, etc.). A user (such as a system administrator) may wish to input commands into address mapper 304 and/or address mapper 324. In one implementation, address mapper 304 and/or address mapper 324 may provide a user interface which allows for user input. The user interface may allow interaction between users and a computer system. The user interface may accept user input via input devices (e.g., mouse, keyboard, etc.) and may include a display device (e.g., monitor) for displaying results of the interaction between users and the computer system.
In one implementation, address mapper 304 and/or address mapper 324 may perform various address mapping, or host name resolution mapping. Address mapping is associating a native address of a host with a native address and a reference value. For example, a native address of IPv4 address 192.168.0.1 may map to 10.0.0.1+1. Host name resolution mapping refers to associating a host name with a native address, and/or a native address and a reference value. For example, a name associated with a host (e.g., host-1.example.com) may map to 192.168.0.1 and/or 10.0.0.1+1.
In implementations of the disclosure, a “user” may be represented as a single individual. However, other implementations of the disclosure encompass a “user” being an entity controlled by a set of users and/or an automated source.
DNS query interceptor365 orDNS query interceptor385 intercept queries for native addresses from hosts that may not understand system addresses, issue system address queries on the hosts' behalf, then requestaddress mapper304 oraddress mapper324, respectively, to translate the responses fromDNS306 to native addresses which are then returned to the hosts. The DNS query interceptors may be DNS caching servers that cache native addresses of hosts captured from prior communications or native addresses of hosts who frequently participate in communications. In depicted implementation ofFIG. 3,DNS query interceptor365 andDNS query interceptor385 are depicted as being external and communicative withaddress mapper304 andaddress mapper324, respectively. However, in other implementation (not depicted),DNS query interceptor365 andDNS query interceptor385 may be internal to addressmapper304 andaddress mapper324, respectively. In further implementations (not depicted),DNS query interceptor365 andDNS query interceptor385 may be internal togateway310 andgateway330, respectively. In one implementation (not depicted),DNS query interceptor365 andDNS query interceptor385 may be optional components that may be removed or not included withinsystem architecture300 ofFIG. 3.
In one implementation,DNS query interceptor365 andDNS query interceptor385 may request naming resolution fromDNS306 and transmit such request naming resolution received fromDNS306 to addressmapping engine364 and address mapping engine384, respectively. Naming resolution refers to identifying a native address associated with a host name. For example,DNS query interceptor365 may request resolution of a host's name fromDNS306. In response to receiving a native address of the host fromDNS306,DNS query interceptor365 may transmit the native address to addressmapping engine364.Address mapping engine364 may then map the native address with a non-assigned native address. Addressingmapping engine364 may also store the mapping indatabase363.
Althoughdatabase363 anddatabase383 are depicted inFIG. 3 as being external to and communicative withaddress mapper304 andaddress mapper324, respectively, in other implementations,database363 anddatabase383 may be internal to addressmapper304 andaddress mapper324.
In one implementation,database363 and/ordatabase383 may be a storage system such as a memory, a cache, a drive (e.g., a hard drive), a flash drive, a database system, or another type of component or device capable of storing data.Database363 and/ordatabase383 may be implemented in memory such as a routing table, for example, or as a distributed database with local caching by address mappers. Local caching refers to temporarily storing frequently used data into fast local volatile memories (e.g., random access memory (RAM)).Database363 and/ordatabase383 may also include multiple storage components (e.g., multiple drives or multiple databases) that may also span multiple computing devices (e.g., multiple server computers). In one implementation,database363 anddatabase383 may store mapped address data and provide the mapped address data to addressmapping engine364 and address mapping engine384. Mapped address data is information organized via native address mapping, system address mapping, or host naming resolution mapping. For example, mapped address data may be a native address or a system address associated with a host's name, or a host's name associated with a native address or a system address.
In one implementation, access point1 (351), access point1 (361), access point1 (371), access point1 (381), access point2 (352), access point2 (362), access point2 (372), and access point2 (382) (hereinafter referred to individually, or collectively in any combination, as “the access points”) may be networking hardware or computer software that communicably couples an entity and a private or a public network. The access points may be networking hardware or computer software that acts as a communication hub for users. The access points may connect users to other users within the network, which may be operatively coupled wirelessly or by wires, and may serve as the point of interconnection between a wireless local area network (WLAN) and a fixed wire local network. The access points may also be coupled to a wired router, switch, or hub via an Ethernet cable, and may project a wireless signal to a designated area. In one implementation, access points may be used to communicably couple address mapper 304 and gateway 310 or address mapper 324 and gateway 330.
In one implementation, address mapping engine 364 and/or address mapping engine 384 may be implemented as hardware and/or software. In one implementation, address mapping engine 364 and/or address mapping engine 384 may perform one or more mappings of native addresses of hosts in a private network and native addresses of hosts outside of the private network. In one implementation, address mapping engine 364 and/or address mapping engine 384 may map a system address of a component (such as a host) to a non-assigned private address. A non-assigned private address may include a native address obtained from a pool of addresses delegated for use on private networks. For example, the private addresses may be RFC1918 addresses. The address mapper may map a system address to a public address, in some implementations.
Although gateway 310 and gateway 330 are shown in the implementation depicted in FIG. 3, a greater or fewer number of gateways may be utilized. In one implementation, gateway 310 and/or gateway 330 may refer to a networking hardware component that may equip a network node for interfacing with another network that may use different protocols than the network in which the network node resides. A network node refers to either a redistribution point or a communication endpoint. A network node may be a device or data point in a network that has an associated network address. Gateway 310 and/or gateway 330 may include one or more computing devices (e.g., a rackmount server, a server computer, etc.) and/or a computer program that may perform the tasks of a computing device gateway.
A gateway may include devices such as protocol translators, impedance matching devices, rate converters, fault isolators, and/or signal translators which may be used to provide system interoperability. System interoperability refers to a device's ability to communicate and/or interact with other systems (devices, etc.) without requiring additional hardware or software. A gateway may establish mutually acceptable administrative procedures between multiple networks. A gateway may be a computing device that may route the traffic from hosts in a private network to the outside network. A gateway may act as a proxy server and a firewall. A gateway may have direct access to both a public network and a private network.
In one implementation, packet processing unit 353 and/or packet processing unit 373 may be implemented as software and/or hardware. In one implementation, packet processing unit 353 or packet processing unit 373 may request a system address from address mapper 304 or address mapper 324, respectively, and replace a native address of a host contained in a packet with the system address received from address mapper 304 or address mapper 324. For example, packet processing unit 353 may request, from address mapper 304, a system address of a source address of a packet. Upon receiving the system address from address mapper 304, packet processing unit 353 may replace the native address of the source address with the system address.
In one implementation, packet processing unit 353 and/or packet processing unit 373 may repackage a packet into frames conforming to different protocols in context of mixed networks. Mixed networks may include a first network that utilizes a first protocol, a second network that utilizes a second protocol, and so forth. For example, one network may be an IPv4 network and another network may be an IPv6 network and packet processing unit 353 and/or packet processing unit 373 may repackage the packet into a first packet (conforming to IPv4 protocols) and a second packet (conforming to IPv6 protocols). Therefore, packet processing unit 353 and/or packet processing unit 373 may allow packets to be exchanged among components such as hosts that reside within mixed networks.
Host1 (312), host5 (314), host1 (332) and host6 (334) (hereinafter referred to individually, or collectively in any combination, as “the hosts”) may each include computing devices such as personal computers (PCs), laptops, mobile phones, smart phones, tablet computers, netbook computers, servers, mainframes, virtual machines, containers, networked appliances, etc. In one implementation, the hosts may not have direct access to a public network. In other words, the hosts may utilize a gateway (also referred to as an edge router) to connect to a device outside its private network. The gateway may connect to the device via a public network. In one implementation, the hosts may include input devices (e.g., keyboard and mouse), and a display device (e.g., monitor). In one implementation, the hosts may include applications that allow users to view content items, such as images, videos, web pages, documents, files that are stored external to the host (i.e., remote files), etc. For example, the application may be a web browser that can access, retrieve, present, and/or navigate content items (e.g., web pages such as Hyper Text Markup Language (HTML) pages, digital media items, etc.) served by a host outside of a private network. The application may include software which provides input and output of commands to a host, via a user interface. The hosts may render, display, and/or present the content items (e.g., a web page, a remote file, etc.) to a user.
In general, functions described in one implementation as being performed by host1 (312) may also be performed by any host including host1 (332), host5 (314), and/or host6 (334). In addition, the functionality attributed to a particular component can be performed by different or multiple components operating together.
In one implementation, the hosts may be one or more computing devices (such as a rackmount server, a router computer, a server computer, a virtual machine, a personal computer, a mainframe computer, a laptop computer, a tablet computer, a desktop computer, etc.), data stores (e.g., hard disks, memories, databases), networks, software components, and/or hardware components that may be used to provide a user with access to a network. For example, the hosts may allow a user to transmit, receive, modify, etc., data from other hosts.
In an implementation, suppose that host5 (314) wishes to transmit a packet to host6 (334). A packet includes a header and a payload. The header includes a source address portion and a destination address portion. An address identifying a source of the packet (e.g., an address of the host5 (314)) and an address identifying a destination of the packet (e.g., an address of host6 (334)) may be inserted into the header by host5 (314). Host5 (314) may create a packet and transmit the packet to gateway 310. Gateway 310 may forward the payload of the packet to gateway 330, via network 305. Gateway 330 may then transmit the payload to the destination, host6 (334). When a packet arrives at a particular component (i.e., a host or a gateway) of system architecture 300, the packet's header may be modified.
Details regarding the packet transmission from host5 (314) to host6 (334) are described herein. Additional details are described herein below with respect to additional figures. When host5 (314) wishes to initiate the transmission of the packet to host6 (334), host5 (314) creates a packet by inserting its own address (i.e., a local IP address) into a source address portion of the header and an address of host6 (334) into a destination address portion of the header. Host5 (314) may acquire a system address of host6 (334) from DNS 306. DNS 306, after receiving a request from host5 (314) for host6 (334)'s address, returns an address of host6 (334) as the address of host6 (334)'s gateway, gateway 330, and a reference value. Host5 (314) may then transmit the packet to gateway 310.
When the packet arrives at gateway 310, gateway 310 transforms it into a second packet. Gateway 310 does not change the destination address. To obtain the source address to insert into the second packet, gateway 310 creates a request to send to address mapper 304 for the system address of the source (i.e., host5 (314)). Specifically, packet processing unit 353 of gateway 310 creates the request to send to address mapper 304.
Address mapper 304 receives the request. Specifically, access point1 (361) of address mapping engine 364 of address mapper 304 receives the request and address mapping engine 364 generates a system address based on information from gateway 310 and information stored in database 363. The database is a type of storage database that stores information such as mappings of system addresses (i.e., native addresses and reference values) to native addresses (such as IP addresses).
The access point of address mapping engine 364 of address mapper 304 transmits system addresses of the hosts to gateway 310.
In an implementation, address mapper 304 may provide the address of the hosts. Gateway 310 may then transmit the second packet to gateway 330 (via network 305).
After transmission over network 305, the second packet arrives at gateway 330. Gateway 330 then creates a third packet which includes a source and destination address. Gateway 330 does not change the source address. To obtain the destination address to insert into the third packet, gateway 330 creates a request to send to address mapper 324 for a native address of the destination (i.e., host6 (334)). Specifically, a packet processing unit 373 of gateway 330 creates the request to send to address mapper 324.
Address mapper 324 receives the request. Specifically, an access point 381 of address mapping engine 384 of address mapper 324 receives the request and address mapping engine 384 returns the native address based on information from gateway 330 and information stored in the database 383. The database is a type of storage database that stores mappings of system addresses (i.e., native addresses and reference values) and native addresses (such as IP addresses). Access point1 (361) of address mapping engine 364 of address mapper 304 transmits the native address of host6 (334) to gateway 330.
The third packet arrives at host6 (334) and no further changes to addresses are made.
Block diagrams of exemplary systems are provided herein with respect to FIGS. 5A and 5B. In other implementations, DNS interceptors may be employed and examples are described herein with respect to FIGS. 6A and 6B.
In one implementation, network interface 316 and/or network interface 334 may include hardware that provides coupling to a private or a public network (e.g., via an Ethernet card, a network adapter, etc.). In one implementation, network interface 316 and/or network interface 334 may be a system's interface (software and/or hardware) between two pieces of components or protocol layers in a computer network. Network interface 316 and/or network interface 334 may include a network address, a node identification (ID), and a port number associated with the network interface, or a unique reference associated with the network interface.
In one implementation, network stack 317, network stack 367, network stack1 (NS1) 391, network stack2 (NS2) 392, network stack1 (NS1) 393, and/or network stack2 (NS2) 394 may be a part of a transmission control protocol/Internet protocol (TCP/IP) model. The TCP/IP model for designing and building a network typically includes at least four layers: the physical and data link layer, the network layer, the transport layer, and the application layer. The physical layer portion of the physical and data link layer deals with transmitting raw bits over a communication channel.
The data link portion of physical and data link layer takes the raw transmission and transforms it to be relatively free of transmission errors.
The network layer permits a host to inject packets into a network and have them travel independently to the destination. The protocol used for the network layer on the Internet is called the Internet Protocol (IP). The main function of the network layer is routing packets from a source entity (e.g., host) to a destination entity. In some cases, packets may require multiple hops to make the journey. The network layer (and/or associated software) may use one or more routing methods for deciding which output line an incoming packet should be transmitted on. In an implementation, any suitable routing method may be used without departing from the spirit and scope of the disclosure.
Although devices that access the Internet each have an associated native address (or IP address), these addresses alone may not be used for transmission of packets because the data link layer may not be able to interpret Internet addresses. Hosts may be attached to a LAN by an interface board that only understands LAN addresses. For example, an Ethernet board may be equipped with a 48 bit Ethernet address. Manufacturers of Ethernet boards request a block of addresses from a central authority to ensure that no two boards have the same address. The transport layer is designed to permit components on the source and destination to engage in communications. With respect to the Internet, two end-to-end protocols may be used. The first protocol, the transmission control protocol (TCP), is a reliable connection-oriented protocol that may allow a byte stream originating on one component to be delivered without error to another component on the Internet. TCP may fragment an incoming byte stream into discrete packets and pass each one to the network layer. At the destination, the receiving TCP process reassembles the received packets into the output stream. TCP may also handle flow control to ensure that a receiving component can handle the flow of incoming packets. The second protocol used in the transport layer on the Internet is user datagram protocol (UDP). UDP is an unreliable connectionless protocol for applications that do not want TCP sequencing or flow control. UDP is used for communications in which prompt delivery is of greater importance than accurate delivery. The transport layer is considered to fall above the network layer in a hierarchical manner to indicate that the network layer provides a service to the transport layer. Similarly, the transport layer falls below the application layer in a hierarchical manner to indicate that the transport layer provides a service to the application layer.
The application layer contains high level protocols such as Telnet, file transfer protocol (FTP), electronic mail—simple mail transfer protocol (SMTP), and hypertext transfer protocol (HTTP).
Communication on the Internet may be described as follows. The transport layer may split up a stream of data from the application layer into a number of segments. The network layer, using the Internet protocol, may transport the segments in one or more IP packets from a source to a destination. Each segment may be fragmented into small units as it is transported. When all of the fragmented small units arrive at the destination, they may be reassembled by the network layer into the original segment. This segment may then be handed to the transport layer, which inserts it into the receiving process' (application layer's) input stream.
In one implementation, network stack1 (391), network stack2 (392), network stack1 (393), and network stack2 (394) may be heterogeneous and may incorporate different network stack models. A network stack model refers to a conceptual model and a set of communications protocols that characterizes the communication functions of a telecommunication or computing system without regard to their underlying internal structure and technology. In one implementation, gateway 310 employs two network stacks, IPv4 and IPv6, while gateway 330 employs a single IPv4 stack. With this arrangement, local network 320 can be either IPv4 or IPv6 but network 340 must be IPv4 because that's the network stack the gateway supports. Further, network 305 may be a common public network that can be either IPv4 or IPv6 but local network B 340, which is a local network, may only be connected to an IPv4 public network whereas local network A 320 may be connected to either or both IPv4 and IPv6 public networks. Suppose local network A 320 is IPv6. Host6 (334) on local network B 340 may still communicate with a host5 (314) residing on the local network A 320. Host6 (334) may acquire the system address of host5 (314) as a combination of an IPv4 address of gateway 310 plus a reference.
Host6 (334) may then send the system address of host5 (314) to its local gateway 330. Gateway 330 may then translate, using address mapper 324, the source's address to a system address and send a packet to gateway 310. Gateway 310 would receive the packet on its IPv4 stack and then translate, using address mapper 304, the destination system address into the local IPv6 address of host5 (314). Gateway 310 would then detect that it should send the packet to host5 (314) on the IPv6 stack. Gateway 310 would translate, using address mapper 304, the source's system address to another system address with the native address portion changed to an IPv6 address. Gateway 310 would then create a new IPv6 packet with proper headers and copy the payload to the new IPv6 packet. Gateway 310 would then send the packet to host5 (314).
In the reverse direction, host5 (314) would swap source and destination addresses and send an IPv6 packet to gateway 310. Gateway 310, using address mapper 304, would translate both source and destination addresses to system addresses with native address portions changed from IPv6 to IPv4. Gateway 310 would create a new IPv4 packet with those addresses, copy the payload and send it to gateway 330. Gateway 330 would translate the destination system address into the local IPv4 address of host6 (334). Gateway 330 would then send the packet to host6 (334). If host5 (314) wanted to originate the communication with host6 (334), host5 (314) may acquire host6's address via DNS query interceptor 365. The DNS query interceptor may, using address mapper 304, return a system address with the native address portion mapped to IPv6. Host5 (314) may then send a packet with this destination address and its own local native address to gateway 310. The packet may then undergo a similar transformation as in the case of responding to a packet from host6 (334).
In one implementation, name resolution client 318 or name resolution client 368 may be a part of the TCP/IP network layer that provides conversion of a numerical native address to human readable format, and vice versa. For example, name resolution client 318 may convert an IP address to the host name associated with it (e.g., convert the IP address 192.168.0.1 to a host name such as “host-1.example.com” or convert the host name to the IP address 192.168.0.1). Naming resolution may be performed synchronously or asynchronously. In one implementation, name resolution client 318 and/or name resolution client 368 may send a request to a system's host file to resolve naming of a native address. A system's host file may be (or may be in charge of) a locally stored table that includes host names and their respective native addresses. In response to failure of finding a matching entry, name resolution client 318 and name resolution client 368 may ask DNS 306 about the name associated with the address. In one implementation, name resolution client 318 or name resolution client 368 may ask DNS query interceptor 365 or DNS query interceptor 385, respectively, for name resolution. Details regarding DNS query interceptors are described herein below.
Although implementations of the disclosure are discussed in terms of private networks, implementations may also be generally applied to any type of network. Implementations of the disclosure are not limited to private networks that allow communications between hosts located in various networks.
Details regarding providing system addresses are described herein with respect to FIG. 4A. FIG. 4A is a flowchart illustrating a method 400 of providing system addresses. Method 400 may be performed by processing logic that includes hardware (e.g., circuitry, dedicated logic, programmable logic, microcode, etc.), software (e.g., instructions run on a processing device to perform hardware simulation), or a combination thereof. In one implementation, method 400 may be performed by address mapper 304 or address mapper 324 as described with respect to FIG. 3. In describing the method 400, reference is made to FIG. 3 to illustrate an implementation. It is noted that the example provided in FIG. 3 is meant for illustrative purposes, and is not to be considered a limiting implementation.
Referring again to FIG. 4A, method 400 begins at block 402 when a request for a native address and a reference value is received. In FIG. 3, address mapper 304 receives a request for a native address and a reference value. The request may be transmitted by a gateway such as gateway 310.
Referring back to FIG. 4A, at block 404, the native address and the reference value are obtained via an address mapping engine. The reference value is associated with a host and the reference value includes an opaque binary value. In FIG. 3, address mapping engine 364 obtains the native address and the reference value. The reference value is associated with host5 (314).
Referring back to FIG. 4A, at block 406, the reference value is subdivided into multiple fields associated with the host. For example, a reference value may be subdivided into a host identification number, a handshake token, a public key, etc.
An address mapper may divide the reference into one or more fields to aid with calculations. For example, the address mapper may create fields to provide hints for load balance applications, alternative calculation parameters for redundant networks, validation bits, etc. In FIG. 3, address mapper 304 may subdivide the reference.
Referring back to FIG. 4A, at block 408, the native address and the reference value are transmitted to a gateway. The gateway replaces a first native address associated with the host with the native address and the reference value. The gateway communicates, using the native address and the reference value, over a network. As depicted in FIG. 3, address mapper 304 may transmit the system address (including the native address and the reference value) to gateway 310. Gateway 310 may replace a native address associated with host5 (314) with the native address and the reference value. Gateway 310 communicates, using the native address and the reference value, over network 305.
In an implementation, address mapper 304 maintains a database (e.g., database 363) of respective native addresses mapped to respective system addresses and reference values. The database may be internal or external to address mapper 304. The database may be updated by address mapper 304 after a predetermined amount of time has passed. For example, address mapper 304 may update or reassign native addresses and reference values that are mapped to respective native addresses every hour, every day, etc. In another example, address mapper 304 may periodically update the mapping of native addresses to system addresses (which include native addresses and reference values) for purposes of security. Therefore, a native address may be associated with a first native address and a first reference value during a first time period and a second native address and a second reference value during a second time period and so on.
In an implementation, a native address may be mapped to a respective system address in one of an IPv4 address or an IPv6 address. The system address may thus include one of an IPv4 address or an IPv6 address. A length of a reference value may include at least 128 bits. For example, a system address of a native address 192.168.0.1 may be 11.0.0.1+0xFFFF FFFFFFFFFFFFFFFFFFFFFFFFFFFC. In another implementation, a length of the reference value may be less than 128 bits.
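The following added example (not part of the original disclosure) shows one way blocks 404 to 408 and the periodic remapping could fit together: a 128-bit reference value is subdivided into fields, and the validation bits tie the value to a time period so that a stale or altered reference is rejected. The field widths, the HMAC-based token and validation bits, and the names `ReferenceCodec`, `ReferenceFields` and `epoch` are assumptions of this example.

```python
import hashlib
import hmac
import ipaddress
from dataclasses import dataclass

# Assumed layout of a 128-bit reference value. The text names kinds of field
# (host identification number, handshake token, validation bits) but fixes no
# widths, so these are illustrative.
HOST_ID_BITS, TOKEN_BITS, CHECK_BITS = 32, 64, 32
REFERENCE_BITS = HOST_ID_BITS + TOKEN_BITS + CHECK_BITS


@dataclass(frozen=True)
class ReferenceFields:
    host_id: int
    token: int
    check: int


@dataclass(frozen=True)
class SystemAddress:
    native: ipaddress.IPv4Address  # public address, e.g. 11.0.0.1
    reference: int                 # opaque outside the address mapper

    def __str__(self) -> str:
        return f"{self.native}+0x{self.reference:032X}"

    @classmethod
    def parse(cls, text: str) -> "SystemAddress":
        native, sep, ref = text.partition("+")
        if not sep:
            raise ValueError("system address needs native+reference")
        value = int(ref.replace(" ", ""), 16)
        if value < 0 or value >> REFERENCE_BITS:
            raise ValueError("reference value does not fit in 128 bits")
        return cls(ipaddress.IPv4Address(native), value)


class ReferenceCodec:
    """Packs and validates reference values for one address mapper.

    The key and the epoch counter (the "time period" of the text) stay inside
    the mapper; gateways and remote hosts only see the packed integer.
    """

    def __init__(self, key: bytes):
        self._key = key

    def _mac(self, label: bytes, *values: int) -> bytes:
        msg = label + b"".join(v.to_bytes(8, "big") for v in values)
        return hmac.new(self._key, msg, hashlib.sha256).digest()

    def pack(self, host_id: int, epoch: int) -> int:
        if not 0 <= host_id < 1 << HOST_ID_BITS:
            raise ValueError("host_id out of range")
        # The token changes every epoch, so the whole reference rotates.
        token = int.from_bytes(self._mac(b"token", host_id, epoch)[:8], "big")
        check = int.from_bytes(
            self._mac(b"check", host_id, token, epoch)[:4], "big")
        return ((host_id << (TOKEN_BITS + CHECK_BITS))
                | (token << CHECK_BITS) | check)

    def unpack(self, reference: int, epoch: int) -> ReferenceFields:
        if reference < 0 or reference >> REFERENCE_BITS:
            raise ValueError("reference value does not fit in 128 bits")
        check = reference & ((1 << CHECK_BITS) - 1)
        token = (reference >> CHECK_BITS) & ((1 << TOKEN_BITS) - 1)
        host_id = reference >> (TOKEN_BITS + CHECK_BITS)
        expected = self._mac(b"check", host_id, token, epoch)[:4]
        # 32 validation bits catch stale or corrupted values; they are not a
        # substitute for authenticating the packet itself.
        if not hmac.compare_digest(expected, check.to_bytes(4, "big")):
            raise ValueError("validation bits do not match this time period")
        return ReferenceFields(host_id, token, check)
```
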
In an implementation, network 305 may be a public network such as the Internet.
FIG. 4B is a flowchart of a method 420 of providing mapped addresses. Method 420 may be performed by processing logic that includes hardware (e.g., circuitry, dedicated logic, programmable logic, microcode, etc.), software (e.g., instructions run on a processing device to perform hardware simulation), or a combination thereof. In one implementation, method 420 may be performed by address mapper 304 or address mapper 324 as described with respect to FIG. 3. In describing the method 420, reference is made to FIG. 3 to illustrate an implementation. It is noted that the example provided in FIG. 3 is meant for illustrative purposes, and is not to be considered a limiting implementation.
Referring again to FIG. 4B, method 420 begins at block 422 when a request for a mapped address is received at an address mapper. The mapped address includes one of a native address or a system address. The system address includes another native address and a reference value. The reference value is associated with a host. The reference value includes an opaque binary value of an arbitrary size. The reference value is subdivided into multiple fields associated with the host.
In FIG. 3, address mapper 304 receives a request for a mapped address. The request may be transmitted by gateway 310. The mapped address may be a native address or a system address. The system address includes another native address and a reference value. (See FIG. 2, for example.) The reference value is associated with host5 (314). Address mapper 304 may subdivide the reference into multiple fields associated with host5 (314).
Referring again to FIG. 4B, at block 424, the mapped address is obtained via an address mapping engine. In response to the mapped address being the system address, the address mapping engine obtains the system address. In response to the mapped address being the native address, the address mapping engine obtains the native address. The native address is determined in view of an existing network protocol. In FIG. 3, address mapping engine 364 obtains the mapped address.
In some implementations (not depicted), in block 422, the address mapper may also receive a request for a translated network address (described herein below with respect to FIGS. 6A, 6B, and 6C).
In an implementation, the mapped address is transmitted to gateway 310 by address mapper 304. Gateway 310 replaces an input address with the mapped address. Gateway 310 communicates, using the mapped address, over network 305. In an implementation, referring to FIG. 3, gateway 310 replaces an input address of host5 (314), which is 172.19.0.5, with a system address: 11.0.0.1+155.
In an implementation, in FIG. 3 a system address is generated based on information from at least one of gateway 310, DNS query interceptor 365, configuration, or information stored in database 363.
Additional examples of networking systems are described herein with respect to FIGS. 5A, 5B, 6A, 6B, and 6C. Various components depicted in FIGS. 5A, 5B, 6A, 6B, and 6C are similar to those depicted in FIG. 3 and thus, the description presented with respect to the components in FIG. 3 also applies to the components depicted in FIGS. 5A, 5B, 6A, 6B, and 6C.
FIG. 5A is a block diagram 500 illustrating a networking system. Block diagram 500 depicts a local network1 (510), a DNS 550, a network 540, and a local network2 (512). Local network1 (510) includes an address mapper 513, a host5 (H5) (515) and a gateway1 (GW1) (517). Local network2 (512) includes an address mapper 514, a gateway2 (GW2) (518) and a host6 (H6) (516).
As depicted, an address of host5 (515) is 172.17.0.5; an address of gateway1 (517) is 11.0.0.1; an address of gateway2 (518) is 22.0.0.2; and an address of host6 (516) is 172.24.0.6. DNS maps hosts to their system addresses. Specifically, DNS 550 maps host5 to the address: 11.0.0.1+155 and host6 to the address: 22.0.0.2+266. A system address includes a native address as well as a reference (as described in FIG. 2). A native address portion 521 of the system address of host5 (314) is set to the public address of gateway1 (517), while a reference 522 is set to 155. The native address portion of the system address of host6 (516) is set to the public address of gateway2 (518), while the reference is set to 266.
Suppose that host5 (515), residing within local network1 (510), wishes to communicate with host6 (516), residing within local network2 (512). Host5 (515) may transmit data to host6 (516) using a packet or multiple packets. As described above, a header of a packet may include an address identifying a source of the packet (e.g., an address of host5 (515)) and an address identifying a destination of the packet (e.g., an address of the host6 (516)). The packet may be transmitted to gateway1 (517) from host5 (515) for transmission to gateway2 (518), which then transmits it to host6 (516). Upon receiving the packet, gateway1 (517) may translate and replace the source address of the packet with a system address obtained by address mapper 513. The packet may then be transmitted to host6 (516), via gateway1 (517) and gateway2 (518). As depicted, gateway1 (517) communicates with gateway2 (518) via network 540. Details regarding changes to the packet header during transmission are depicted herein with respect to FIG. 5B.
FIG. 5B illustrates packet flow 560. The top portion of FIG. 5B illustrates packet header details with respect to transmission of a packet from host5 (515) to host6 (516). The bottom portion of FIG. 5B illustrates packet header details with respect to transmission of a packet from host6 (516) to host5 (515). Suppose that host5 (515) wishes to transmit a packet (or multiple packets) to host6 (516). Specifically, an application such as a software application running on host5 (515) may wish to transmit a packet 501 to host6 (516). Packet 501 originating from host5 (515) includes a packet header and payload.
Host5 (515) creates packet 501 by inserting its own address (i.e., a local IP address): (172.19.0.5) into a source address portion of the header and an address of host6 (516) into a destination address portion of the header. Host5 (515) acquires the system address of host6 (516) (i.e., 22.0.0.2+266) from DNS 550 (depicted in FIG. 5A). DNS 550, after receiving a request from host5 (515) for host6 (516)'s address, returns an address of host6 (516) as the address of host6 (516)'s gateway, gateway2 (518), and a reference value of 266. Host5 (515) may then transmit the packet to gateway1 (517). Thus, packet 501 transmitted by host5 (515) to gateway1 (517) contains a source address: 172.19.0.5 and a destination address: 22.0.0.2+266.
When packet 501 arrives at gateway1 (517), gateway1 (517) transforms it into packet 502. Gateway1 (517) does not change the destination address. To obtain the source address to insert into packet 502, gateway1 (517) creates a request to send to address mapper 513 for the system address of the source (i.e., host5 (515)). Specifically, a packet processing unit (similar to packet processing unit 353 in FIG. 3), not depicted, of gateway1 (517) creates the request to send to address mapper 513.
Address mapper 513 receives the request. Specifically, an access point (similar to access point1 (361) depicted in FIG. 3), not depicted, of an address mapping engine (similar to address mapping engine 364 depicted in FIG. 3), not depicted, of address mapper 513 (in FIG. 5A) receives the request and the address mapping engine generates a system address based on information from gateway 517 and information stored in the database (similar to database 363 depicted in FIG. 3). The database is a type of storage database that stores mappings of system addresses (i.e., native addresses and reference values) to native addresses (such as IP addresses) or translated native addresses.
The access point of address mapping engine, not depicted, of address mapper 513 transmits system addresses of the hosts to gateway1 (517). Address mapper 513 provides to gateway1 (517) host5 (515)'s system address: 11.0.0.1+155.
In an implementation, address mapper 513 may provide the address of the hosts in a manner similar to the ones described above with respect to FIG. 4. Gateway1 (517) may then transmit packet 502 to gateway2 (518) (via network 540). Thus, packet 502 transmitted by gateway1 (517) contains a source address: 11.0.0.1+155 and a destination address: 22.0.0.2+266.
After transmission over network 540, packet 502 arrives at gateway2 (518). Gateway2 (518) then creates a packet 503 which includes a source and destination address. Gateway2 (518) does not change the source address. To obtain the destination address to insert into packet 503, gateway2 (518) creates a request to send to address mapper 514 for a native address of the destination (i.e., host6 (516)). Specifically, a packet processing unit (similar to packet processing unit 353 in FIG. 3), not depicted, of gateway2 (518) creates the request to send to address mapper 514.
Address mapper 514 receives the request. Specifically, an access point (similar to access point1 (361) depicted in FIG. 3), not depicted, of an address mapping engine (similar to address mapping engine 364 depicted in FIG. 3), not depicted, of address mapper 514 (in FIG. 5A) receives the request and the address mapping engine returns a native address based on information from gateway 517 and information stored in the database (similar to database 383 depicted in FIG. 3). The database is a type of storage database that stores mappings of system addresses (i.e., native addresses and reference values), native addresses (such as IP addresses) and/or translated native addresses. The access point of address mapping engine, not depicted, of address mapper 514 transmits the native address of host6 (516) to gateway2 (518). Address mapper 514 provides to gateway2 (518) host6 (516)'s native address: 172.24.0.6.
Packet 503 arrives at host6 (516) and no further changes to addresses are made. Thus, an application running on host6 (516) receives packet 504 containing a source address: 11.0.0.1+155 and a destination address: 172.24.0.6.
When host6 (516) wishes to transmit a response to the packet to host5 (515), host6 (516) creates a packet 505. The application running on host6 (516) flips or inverts the source address and the destination address of packet 504. Thus, host6 (516) inserts its own native address: 172.24.0.6 into a source address portion of the header and a system address of host5 (515) into a destination address portion of the header. Host6 (516) may then transmit the packet to gateway2 (518). Thus, packet 505 transmitted by host6 (516) to gateway2 (518) contains a source address: 172.24.0.6 and a destination address: 11.0.0.1+155.
In another implementation, if host6 (516) does not obtain the addresses from packet 504, host6 (516) may obtain the destination's address from DNS 550, in a manner similar to the one described above in relation to packet 501.
When packet 505 arrives at gateway2 (518), gateway2 (518) transforms it into packet 506. Gateway2 (518) does not change the destination address. To obtain the source address to insert into packet 506, gateway2 (518) creates a request to send to address mapper 514 for the system address of the source (i.e., host6 (516)). Specifically, a packet processing unit (similar to packet processing unit 353 in FIG. 3), not depicted, of gateway2 (518) creates the request to send to address mapper 604.
Address mapper 514 receives the request. Specifically, an access point (similar to access point1 (361) depicted in FIG. 3), not depicted, of an address mapping engine (similar to address mapping engine 364 depicted in FIG. 3), not depicted, of address mapper 514 (in FIG. 5A) receives the request and the address mapping engine generates a system address based on information from gateway 518 and information stored in the database (similar to database 383 depicted in FIG. 3). The database is a type of storage database that stores mappings of system addresses (i.e., native addresses and reference values) to native addresses (such as IP addresses) or translated native addresses.
The access point of address mapping engine, not depicted, of address mapper 514 transmits system addresses of the hosts to gateway2 (518). Address mapper 514 provides to gateway2 (518) host6 (516)'s system address: 22.0.0.2+266.
In an implementation, address mapper 514 may provide the address of the hosts in a manner similar to the ones described above with respect to FIG. 4 and packet 502. Gateway2 (518) may then transmit packet 506 to gateway1 (517) (via network 540). Thus, packet 506 transmitted by gateway2 (518) contains a source address: 22.0.0.2+266 and a destination address: 11.0.0.1+155.
After transmission over network 540, packet 506 arrives at gateway1 (517). Gateway1 (517) creates packet 507 which includes a source and destination address. Gateway1 (517) does not change the source address. To obtain the destination address to insert into packet 507, gateway1 (517) creates a request to send to address mapper 513 for a native address of the destination (i.e., host5 (515)). Specifically, a packet processing unit (similar to packet processing unit 353 in FIG. 3), not depicted, of gateway1 (517) creates the request to send to address mapper 513. Address mapper 513 receives the request. Specifically, an access point (similar to access point1 (361) depicted in FIG. 3), not depicted, of an address mapping engine (similar to address mapping engine 364 depicted in FIG. 3), not depicted, of address mapper 513 (in FIG. 5A) receives the request and the address mapping engine returns the native address based on information from gateway 517 and information stored in the database (similar to database 363 depicted in FIG. 3). The database is a type of storage database that stores mappings of system addresses (i.e., native addresses and reference values), native addresses (such as IP addresses) and/or translated native addresses.
The access point of address mapping engine, not depicted, of address mapper 513 transmits the native address of host5 (515) to gateway1 (517). Address mapper 513 provides to gateway1 (517) host5 (515)'s native address: 172.19.0.5.
Packet 507 arrives at host5 (515) and no further changes to addresses are made to packet 508. Thus, an application running on host5 (515) receives packet containing a source address: 22.0.0.2+266 and a destination address: 172.19.0.5.
In an implementation, the paths that the packets travel are depicted by thick, solid, black lines in FIGS. 5A and 6A.
FIG. 6A is a block diagram 695 illustrating a networking system in a compatibility mode. The block diagram depicts a local network1 (601), a domain name system (DNS) 600, a network 660, and a local network2 (602). Local network1 (601) includes an address mapper 603, a DNS query interceptor 665, a database (DB) 663, a host5 (H5) (605) and a gateway1 (GW1) (607). Local network2 (602) includes an address mapper 604, a DNS query interceptor 666, a database (DB) 664, a gateway2 (GW2) (608) and a host6 (H6) (606).
While a system address may be utilized in some examples such as in FIG. 5A, it may not be utilized by all systems due to the fact that hosts, gateways, and/or applications may need to be aware of the system address. The system address may thus be used instead in a compatibility mode where hosts, gateways, and applications may operate in a standard, non-system address manner.
In the block diagram of FIG. 6A, host5 (605) or host6 (606) may query DNS query interceptor 665 or DNS query interceptor 666, respectively, for resolving names that refer to a system address. The DNS query interceptors may issue queries for system addresses on behalf of hosts, then translate them, using address mappers, into native addresses and return them to the hosts. Address mappers may store or map the translation and provide the system address to the gateways for the destination's address. For example, the system address of host6 (606), 22.0.0.2+266, obtained by DNS interceptor (665) on behalf of host H5 (605), may be mapped, by address mapper (603), to a translated native address 10.2.0.6, and then returned to host5 (605) as the result of the query. The native address may then be subject to translation back to the system address by gateway1 (607). With mapping of a system address to a local native address, neither hosts (host5 (605) and host6 (606)) nor applications (not depicted) need be concerned with a system address. All necessary system address operations may be performed by gateway1 (607) and gateway2 (608).
As depicted, an address of host5 (606) is 172.19.0.5; an address of gateway1 (607) is 11.0.0.1; an address of gateway2 (608) is 22.0.0.2; and an address of host6 (606) is 172.24.0.6. DNS 600 returns the system address of host5 (605) as: 11.0.0.1+155 and a system address of host6 (606) as: 22.0.0.2+266.
Suppose that host5 (605), residing within local network1 (610), wishes to communicate with host6 (606), residing within local network2 (602). Host5 (605) may transmit data to host6 (606) using a packet or multiple packets. A packet may include, among other things, a header and payload. The header may include a native address identifying a source of the packet (e.g., an address of the host5 (605)) and an address identifying a destination of the packet (e.g., a translated native address of host6 (606) received from DNS query interceptor 665, which intercepted an address of host6 (606)). The packet may be transmitted to gateway1 (607) from host5 (605). Upon receiving the packet, gateway1 (607) may translate the local source address of the packet and replace it with a system address with the help of address mapper 603. The packet may then be transmitted to host6 (606), via gateway1 (607) and gateway2 (608). As depicted, gateway1 (607) communicates with gateway2 (608) via network 660. Details regarding changes to the packet header during transmission are depicted herein with respect to FIG. 6B.
FIG. 6B illustrates packet flow 650 in a compatibility mode. The top portion of FIG. 6B illustrates packet header details with respect to transmission of a packet from host5 (605) to host6 (606). The bottom portion of FIG. 6B illustrates packet header details with respect to transmission of a packet from host6 (606) to host5 (605). Suppose that host5 (605) wishes to transmit a packet (or multiple packets) to host6 (606). Specifically, an application such as a software application running on host5 (605) may wish to transmit a packet 611 to host6 (606). Packet 611 originating from host5 (605) includes a packet header and payload. Host5 (605) creates packet 611 by inserting its own native address (i.e., a local IP address): (172.19.0.5) into a source address portion of the header and an address of host6 (606) into a destination address portion of the header.
To obtain the address of host6 (606), host5 (605) transmits a query to DNS query interceptor 665. DNS query interceptor 665 then transmits a request to DNS to obtain an address associated with host6 (606). The address may be in a form of a system address or a native address. Suppose that the address of host6 (606) stored within (or otherwise obtained by) DNS 600 is a system address. DNS 600 may transmit the system address: 22.0.0.2+266 to DNS query interceptor 665. As described above with respect to FIG. 2, a system address includes a native address and a reference. In an implementation, DNS 600 stores (or otherwise accesses and provides) the system address of host6 (606) as a native address of host6 (606)'s gateway, gateway2 (608), along with a reference value of 266.
DNS query interceptor 665, after recognizing that the address associated with host6 (606) is a system address, transmits the system address to address mapper 603 (depicted in FIG. 6A). In an implementation, DNS query interceptor 665 may recognize a type of a query in order to recognize the address. Address mapper 603 maps the system address of host6 (606) to a translated native address: 10.2.0.6. A translated native address is an address assigned by an address mapper and may be unused. The translated native address may be utilized within a particular local network.
Address mapper 603 then transmits the translated native address of host6 (606) to DNS query interceptor 665, and DNS query interceptor 665 transmits the translated native address of host6 (606) to host5 (605) and an application running on host5 (605) creates packet 611, as depicted by FIG. 6B. Host5 (605) transmits packet 611 to gateway1 (607). Thus, packet 611 transmitted by host5 (605) to gateway1 (607) contains a source address: 172.19.0.5 and a destination address: 10.2.0.6.
When packet 611 arrives at gateway1 (607), gateway1 (607) transforms it into packet 612. To obtain the source and destination address to insert into packet 612, gateway1 (607) creates a request to send to address mapper 603 for the system address of the source (i.e., host5 (605)) and the system address of the destination (i.e., host6 (606)). Specifically, a packet processing unit (similar to packet processing unit 353 in FIG. 3), not depicted, of gateway1 (607) creates the request to send to address mapper 603.
Address mapper 603 receives the request. Specifically, an access point (similar to access point1 (361) depicted in FIG. 3), not depicted, of an address mapping engine (similar to address mapping engine 364 depicted in FIG. 3), not depicted, of address mapper 603 (in FIG. 6A) receives the request and the address mapping engine produces the system address based on information from the gateway, the query interceptor, and information stored in the database 663. Database 663 is a type of storage database that stores mappings of system addresses (i.e., native addresses and reference values) to native addresses (such as IP addresses) or translated native addresses.
The access point of address mapping engine, not depicted, of address mapper 603 transmits system addresses of the hosts to gateway1 (607). Address mapper 603 provides to gateway1 (607) host5 (605)'s system address: 11.0.0.1+155 and host6 (606)'s system address: 22.0.0.2+266.
In an implementation, address mapper 603 may provide the address of the hosts in a manner similar to the ones described above with respect to FIGS. 4, 5A, and 5B. Gateway1 (607) may then transmit packet 612 to gateway2 (608) (via network 660). Thus, packet 612 transmitted by gateway1 (607) contains a source address: 11.0.0.1+155 and a destination address: 22.0.0.2+266.
After transmission over network 660, packet 612 arrives at gateway2 (608). Gateway2 (608) then creates a packet 613 which includes a source and destination address. To obtain the source and destination address to insert into packet 613, gateway2 (608) creates a request to send to address mapper 604 for a translated native address of the source and a native address of the destination (i.e., host6 (606)). Specifically, a packet processing unit (similar to packet processing unit 353 in FIG. 3), not depicted, of gateway2 (608) creates the request to send to address mapper 604.
Address mapper 604 receives the request. Specifically, an access point (similar to access point1 (361) depicted in FIG. 3), not depicted, of an address mapping engine (similar to address mapping engine 364 depicted in FIG. 3), not depicted, of address mapper 604 (in FIG. 6A) receives the request and the address mapping engine generates the translated native address based on information from gateway 608, DNS query interceptor 666, and information stored in database 664. The address mapper engine returns the native address of the destination based on information from gateway 608, DNS query interceptor 666, and information stored in database 664. Database 664 is a type of storage database that stores mappings of system addresses (i.e., native addresses and reference values), native addresses (such as IP addresses) and/or translated native addresses.
The access point of address mapping engine, not depicted, of address mapper 604 transmits the native address of host6 (606) and the translated native address of host5 (605) as follows: 10.1.0.5 and 172.24.0.6, respectively, to gateway2 (608).
Packet 613 arrives at host6 (606) and no further changes to addresses are made. Thus, an application running on host6 (606) receives packet 614 containing a source address: 10.1.0.5 and a destination address: 172.24.0.6.
When host6 (606) wishes to transmit a response to the packet to host5 (605), host6 (606) creates a packet 615. The application running on host6 (606) flips or inverts the source address and the destination address contained in packet 614. Thus, host6 (606) inserts its own native address: 172.24.0.6 into a source address portion of the header and the translated native address of the destination (10.1.0.5) into a destination address portion of the header. Host6 (606) may then transmit the packet to gateway2 (608). Thus, packet 615 transmitted by host6 (606) to gateway2 (608) contains a source address: 172.24.0.6 and a destination address: 10.1.0.5.
In another implementation, if host6 (606) does not obtain the addresses from packet 614, host6 (606) may obtain the destination's address from DNS query interceptor 666 in a manner similar to the one described above in relation to packet 611.
When packet 615 arrives at gateway2 (608), gateway2 (608) transforms it into packet 616. To obtain the source and destination address to insert into packet 616, gateway2 (608) creates a request to send to address mapper 604 for the system address of the source (i.e., host6 (606)) and the system address of the destination (i.e., host5 (605)). Specifically, a packet processing unit (similar to packet processing unit 353 in FIG. 3), not depicted, of gateway2 (608) creates the request to send to address mapper 604.
Address mapper 604 receives the request. Specifically, an access point (similar to access point1 (361) depicted in FIG. 3), not depicted, of an address mapping engine (similar to address mapping engine 364 depicted in FIG. 3), not depicted, of address mapper 604 (in FIG. 6A) receives the request and the address mapping engine returns the native address and generates the translated native address based on information from gateway2 (608), DNS query interceptor 666, and information stored in the database 664. Database 664 is a type of storage database that stores mappings of system addresses (i.e., native addresses and reference values) to native addresses (such as IP addresses) or translated native addresses.
The access point of address mapping engine, not depicted, of address mapper 604 transmits system addresses of the hosts to gateway2 (608). Address mapper 604 provides to gateway2 (608) host5 (605)'s system address: 11.0.0.1+155 and host6 (606)'s system address: 22.0.0.2+266.
In an implementation, address mapper 604 may provide the address of the hosts in a manner similar to the ones described above with respect to FIGS. 4, 5A, and 5B and packet 612. Gateway2 (608) may then transmit packet 616 to gateway1 (607) (via network 660). Thus, packet 616 transmitted by gateway2 (608) contains a source address: 22.0.0.2+266 and a destination address: 11.0.0.1+155.
After transmission over network 660, packet 616 arrives at gateway1 (607). Gateway1 (607) then creates a packet 617 which includes a source and destination address. To obtain the source and the destination address to insert into packet 617, gateway1 (607) creates a request to send to address mapper 603 for the translated native address of the source and a native address of the destination (i.e., host5 (605)). Specifically, a packet processing unit (similar to packet processing unit 353 in FIG. 3), not depicted, of gateway1 (607) creates the request to send to address mapper 603. Address mapper 603 receives the request. Specifically, an access point (similar to access point1 (361) depicted in FIG. 3), not depicted, of an address mapping engine (similar to address mapping engine 364 depicted in FIG. 3), not depicted, of address mapper 603 (in FIG. 6A) receives the request and the address mapping engine returns the native address and generates the translated native address based on information from gateway1 (607), DNS query interceptor 665, and information stored in the database 663. Database 663 is a type of storage database that stores mappings of system addresses (i.e., native addresses and reference values), native addresses (such as IP addresses) and/or translated native addresses.
The access point of address mapping engine, not depicted, of address mapper 603 transmits the native address of host5 (605) and translated native address of host6 (606) to gateway1 (607). Address mapper 603 provides to gateway1 (607) the source's translated native address: 10.2.0.6 and host5 (605)'s native address: 172.19.0.5.
Packet 617 arrives at host5 (605) and no further changes to addresses are made to packet 618. Thus, an application running on host5 (605) receives packet containing a source address: 10.2.0.6 and a destination address: 172.19.0.5.
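The compatibility-mode round trip of FIG. 6B, traced with the addresses given above, as an added Python example that is not part of the original disclosure. The translated-address pool, the DNS name, and the rule that a gateway drops inbound packets whose destination it cannot resolve are assumptions of this example; the wire encoding of a system address is not modelled.

```python
from dataclasses import dataclass
from typing import NamedTuple, Union


class SystemAddress(NamedTuple):
    gateway: str  # public native address of the host's gateway
    ref: int      # reference value selecting a host behind that gateway

    def __str__(self) -> str:
        return f"{self.gateway}+{self.ref}"


Address = Union[str, SystemAddress]


@dataclass(frozen=True)
class Packet:
    src: Address
    dst: Address
    payload: bytes

    def header(self) -> tuple:
        return (str(self.src), str(self.dst))


class AddressMapper:
    """Per-network mapper: native <-> system for local hosts,
    translated native <-> system for remote hosts."""

    def __init__(self, local_hosts: dict, translated_pool: list):
        self._sys_by_native = dict(local_hosts)
        self._native_by_sys = {s: n for n, s in local_hosts.items()}
        self._pool = list(translated_pool)  # assumption: unused local addresses
        self._translated_by_sys = {}
        self._sys_by_translated = {}

    def translate_remote(self, sys_addr: SystemAddress) -> str:
        """Return the local stand-in for a remote system address, allocating once."""
        if sys_addr not in self._translated_by_sys:
            if not self._pool:
                raise LookupError("translated-address pool exhausted")
            local = self._pool.pop(0)
            self._translated_by_sys[sys_addr] = local
            self._sys_by_translated[local] = sys_addr
        return self._translated_by_sys[sys_addr]

    def to_system(self, local_addr: str) -> SystemAddress:
        for table in (self._sys_by_native, self._sys_by_translated):
            if local_addr in table:
                return table[local_addr]
        raise LookupError(f"no system address for {local_addr}")

    def native_of(self, sys_addr: SystemAddress) -> str:
        if sys_addr not in self._native_by_sys:
            raise LookupError(f"unknown local host {sys_addr}")
        return self._native_by_sys[sys_addr]


class Gateway:
    def __init__(self, public_addr: str, mapper: AddressMapper):
        self.public_addr, self.mapper = public_addr, mapper

    def outbound(self, pkt: Packet) -> Packet:
        # Local -> public network: both header fields become system addresses.
        return Packet(self.mapper.to_system(pkt.src),
                      self.mapper.to_system(pkt.dst), pkt.payload)

    def inbound(self, pkt: Packet) -> Packet:
        # Public -> local network: resolve the destination first so that an
        # unresolvable packet never consumes a translated-address slot.
        for addr in (pkt.src, pkt.dst):
            if not isinstance(addr, SystemAddress):
                raise LookupError("inbound header must carry system addresses")
        if pkt.dst.gateway != self.public_addr:
            raise LookupError("destination is not behind this gateway")
        native = self.mapper.native_of(pkt.dst)
        return Packet(self.mapper.translate_remote(pkt.src), native, pkt.payload)


def intercept_dns(name: str, dns: dict, mapper: AddressMapper) -> str:
    """DNS query interceptor: hide a system address behind a translated native one."""
    answer = dns[name]
    return mapper.translate_remote(answer) if isinstance(answer, SystemAddress) else answer


def is_dropped(gateway: Gateway, pkt: Packet) -> bool:
    try:
        gateway.inbound(pkt)
    except LookupError:
        return True
    return False


def round_trip() -> list:
    h5, h6 = SystemAddress("11.0.0.1", 155), SystemAddress("22.0.0.2", 266)
    dns = {"host6.example": h6}  # constructed name
    gw1 = Gateway("11.0.0.1", AddressMapper({"172.19.0.5": h5}, ["10.2.0.6"]))
    gw2 = Gateway("22.0.0.2", AddressMapper({"172.24.0.6": h6}, ["10.1.0.5"]))

    p611 = Packet("172.19.0.5", intercept_dns("host6.example", dns, gw1.mapper), b"ping")
    p612 = gw1.outbound(p611)
    p613 = gw2.inbound(p612)
    p615 = Packet(p613.dst, p613.src, b"pong")  # host6 swaps source and destination
    p616 = gw2.outbound(p615)
    p617 = gw1.inbound(p616)
    return [p.header() for p in (p611, p612, p613, p615, p616, p617)]


if __name__ == "__main__":
    for number, hdr in zip((611, 612, 613, 615, 616, 617), round_trip()):
        print(number, *hdr)
```

Neither host ever handles a system address; only the gateways and their mappers do, which is why the mapper tables are the state worth protecting and auditing.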
FIGS. 5A, 5B, 6A, and 6B describe systems and related packet flows of homogenous components which can interpret the same address system (e.g., IPv4). FIG. 6C illustrates packet flow 690 in a mixed networking system. Networks within the mixed networking system may use various network protocols. For example, one private network within a mixed networking system may use an IPv4 network protocol and another private network may use an IPv6 network protocol. A mixed networking system may encompass similar components and networks as the network depicted in FIG. 6A. Therefore, FIG. 6C is described with reference to FIG. 6A. However, note that the addresses of components depicted in FIG. 6A do not apply to the components described in participating in packet flow 690 in FIG. 6C. The components depicted in FIG. 6A may be compatible with one networking system (e.g., IPv4) while the components utilized by FIG. 6C are compatible with mixed networks.
The packet flow of FIG. 6C is similar to the packet flow described above with respect to FIGS. 5B and 6B. Referring now to FIG. 6A, network 660 may use an IPv6 address system, local network1 may use an IPv4 address system, and local area network2 may use an IPv6 address system. The top portion of FIG. 6C illustrates packet header details with respect to transmission of a packet from host5 (605) (depicted in FIG. 6A) to host6 (606) (depicted in FIG. 6A). The bottom portion of FIG. 6C illustrates packet header details with respect to transmission of a packet from host6 (606) to host5 (605). Suppose that host5 (605) wishes to transmit a packet (or multiple packets) to host6 (606).
FIGS. 6A and 6C are referred to herein below. Suppose that an application such as a software application running on host5 (605) wishes to transmit a packet 681 to host6 (606). Packet 681, originating from host5 (605), includes a packet header and payload. Host5 (605) creates packet 681 by inserting its own native address (i.e., a local IP address): (172.19.0.5) into a source address portion of the header and an address of host6 (606) into a destination address portion of the header.
To obtain the address of host6 (606), host5 (605) transmits a query to DNS query interceptor 665. DNS query interceptor 665 then transmits a request to DNS to obtain an address associated with host6 (606). The address may be in a form of a system address or a different address. Suppose that the address of host6 (606) stored within (or otherwise obtained by) DNS 600 is a system address. DNS 600 may transmit the system address (which is in a form of an IPv6 address and a reference: 2002:2:2468::8+266) to DNS query interceptor 665. As described above with respect to FIG. 2, a system address includes a native address (in the example of the address of host6 (606), the native address is in the form of an IPv6 address) and a reference. In an implementation, DNS 600 stores (or otherwise accesses and provides) the system address of host6 (606) as a native address of host6 (606)'s gateway in IPv6, gateway2 (608), along with a reference value of 266.
DNS query interceptor 665, after recognizing that the address associated with host6 (606) is a system address, transmits the system address to address mapper 603. Address mapper 603 maps the system address of host6 (606) to a translated native address: 10.2.0.6. In an implementation, address mapper 603 may generate the translated native address associated with host6 (606) based on information from gateway1 (607), DNS query interceptor 665, and information stored in the database 663 (or another database).
Address mapper 603 then transmits the translated native address of host6 (606) to DNS query interceptor 665, and DNS query interceptor 665 transmits the translated native address of host6 (606) to host5 (605) and an application running on host5 (605) creates packet 681 (as depicted by FIG. 6C). Host5 (605) transmits packet 681 to gateway1 (607). Thus, packet 681 transmitted by host5 (605) to gateway1 (607) contains a source address: 172.19.0.5 and a destination address: 10.2.0.6.
When packet 681 arrives at gateway1 (607), gateway1 (607) transforms it into packet 682. To obtain the source and destination address to insert into packet 612, gateway1 (607) creates a request to send to address mapper 603 for the system address of the source (i.e., host5 (605)) and the system address of the destination (i.e., host6 (606)). Specifically, a packet processing unit (similar to packet processing unit 353 in FIG. 3), not depicted, of gateway1 (607), may identify or otherwise recognize differences between address formats and network types. A network may be a type of IPv4 or IPv6 network, for example. In one example, a packet processing unit may identify that local network1 is an IPv4 network compatible with IPv4 addresses and network 660 is an IPv6 network. A packet processing unit may create a request for system addresses to address mapper 603.
Address mapper 603 receives the request. Specifically, an access point (similar to access point1 (361) depicted in FIG. 3), not depicted, of an address mapping engine (similar to address mapping engine 364 depicted in FIG. 3), not depicted, of address mapper 603 (in FIG. 6A) receives the request and the address mapping engine generates the translated native address based on information from gateway 607, DNS query interceptor 665, and information stored in the database 663. Database 663 is a type of storage database that stores mappings of system addresses (i.e., native addresses and reference values) to native addresses (such as IP addresses) or translated native addresses.
The access point of address mapping engine, not depicted, of address mapper 603 transmits system addresses of the hosts to gateway1 (607). Address mapper 603 provides to gateway1 (607) host5 (605)'s system address: 2002:1:1357::7+155 and host6 (606)'s system address: 2002:2:2468::8+266.
In an implementation, address mapper 603 may provide the address of the hosts in a manner similar to the ones described above with respect to FIGS. 4, 5A, and 5B. Gateway1 (607) recognizes that it must send the packets on a different network and prepares a suitable new packet, in this case an IPv6 packet. Gateway1 (607) sets source and destination system addresses and copies the payload to the packet. Gateway1 (607) may then transmit packet 682 to gateway2 (608) (via network 660). Thus, packet 682 transmitted by gateway1 (607) contains a source address: 2002:1:1357::7+155 and a destination address: 2002:2:2468::8+266.
After transmission over network 660, packet 682 arrives at gateway2 (608). Gateway2 (608) then creates a packet 683 which includes a source and destination address. To obtain the source and destination address to insert into packet 683, gateway2 (608) creates a request to send to address mapper 604 for a translated native address of the source and a native address of the destination (i.e., host6 (606)). Specifically, a packet processing unit (similar to packet processing unit 353 in FIG. 3), not depicted, of gateway2 (608) creates the request to send to address mapper 604.
Address mapper 604 receives the request. Specifically, an access point (similar to access point1 (361) depicted in FIG. 3), not depicted, of an address mapping engine (similar to address mapping engine 364 depicted in FIG. 3), not depicted, of address mapper 604 (in FIG. 6A) receives the request and the address mapping engine returns the native address and generates the mapped based on information from gateway2 (608), DNS query interceptor 666, and information stored in the database 664. Database 664 is a type of storage database that stores mappings of system addresses (i.e., native addresses and reference values), native addresses (such as IP addresses) and/or translated native addresses.
The access point of address mapping engine, not depicted, of address mapper 604 transmits the native address of host6 (606) and translated native address of host5 (605) to gateway2 (608). Address mapper 604 provides to gateway2 (608) the source's translated native address: FDFF:1:1111::17 and host6 (606)'s native address: FD02:2:2222::6.
Packet 683 arrives at host6 (606) and no further changes to addresses are made. Thus, an application running on host6 (606) receives packet 684 containing a source address: FDFF:1:1111::17 and a destination address: FD02:2:2222::6.
When host6 (606) wishes to transmit a response to the packet to host5 (605), host6 (606) creates a packet 685. The application running on host6 (606) flips or inverts the source address and the destination address contained in packet 614. Thus, host6 (606) inserts its own native address: FD02:2:2222::6 into a source address portion of the header and the native address of the destination (FDFF:1:1111::17) into a destination address portion of the header. Host6 (606) may then transmit the packet to gateway2 (608). Thus, packet 685 transmitted by host6 (606) to gateway2 (608) contains a source address: FD02:2:2222::6 and a destination address: FDFF:1:1111::17.
In another implementation, if host6 (606) does not obtain the addresses from packet 614, host6 (606) may obtain the destination's address from DNS query interceptor 666 in a manner similar to the one described above in relation to packet 681.
When packet 685 arrives at gateway2 (608), gateway2 (608) transforms it into packet 686. To obtain the source and destination address to insert into packet 686, gateway2 (608) creates a request to send to address mapper 604 for the system address of the source (i.e., host6 (606)) and the system address of the destination (i.e., host5 (605)). Specifically, a packet processing unit (similar to packet processing unit 353 in FIG. 3), not depicted, of gateway2 (608) creates the request to send to address mapper 604.
Address mapper 604 receives the request. Specifically, an access point (similar to access point1 (361) depicted in FIG. 3), not depicted, of an address mapping engine (similar to address mapping engine 364 depicted in FIG. 3), not depicted, of address mapper 604 (in FIG. 6A) receives the request and the address mapping engine generates the system addresses based on information from gateway (608), DNS query interceptor 666, and information stored in the database 664. Database 664 is a type of storage database that stores mappings of system addresses (i.e., native addresses and reference values) to native addresses (such as IP addresses) or translated native addresses.
The access point of address mapping engine, not depicted, of address mapper 604 transmits system addresses of the hosts to gateway2 (608). Address mapper 604 provides to gateway2 (608) the destination's system address: 2002:1:1357::7+155 and host6 (606)'s system address: 2002:2:2468::8+266.
In an implementation, address mapper 604 may provide the address of the hosts in a manner similar to the ones described above with respect to FIGS. 4, 5A, and 5B and packet 682. Gateway2 (608) may then transmit packet 686 to gateway1 (607) (via network 660). Thus, packet 616 transmitted by gateway2 (608) contains a source address: 2002:2:2468::8+266 and a destination address: 2002:1:1357::7+155.
After transmission over network 660, packet 686 arrives at gateway1 (607). Gateway1 (607) then creates a packet 687 which includes a source and destination address. To obtain the source and destination address to insert into packet 687, gateway1 (607) creates a request to send to address mapper 603 for a translated native address of the source and a native address of the destination (i.e., host5 (605)). Specifically, a packet processing unit (similar to packet processing unit 353 in FIG. 3), not depicted, of gateway1 (607), may identify or otherwise recognize differences between address formats and network types. Address mapper 603 receives the request. Specifically, an access point (similar to access point1 (361) depicted in FIG. 3), not depicted, of an address mapping engine (similar to address mapping engine 364 depicted in FIG. 3), not depicted, of address mapper 603 (in FIG. 6A) receives the request and the address mapping engine returns the native address and generates the translated native address based on information from gateway1 (607), DNS query interceptor 665, and information stored in the database 663. Database 663 is a type of storage database that stores mappings of system addresses (i.e., native addresses and reference values), native addresses (such as IP addresses) and/or translated native addresses.
The access point of address mapping engine, not depicted, of address mapper 603 transmits the native address of host5 (605) and the translated native address of the source to gateway1 (607). Address mapper 603 provides to gateway1 (607) the source's translated native address: 10.2.0.6 and host5 (605)'s native address: 172.19.0.5.
Gateway1 (607) recognizes that it should send the packets on a different network than its local network and prepares a suitable new packet, in this case an IPv4 packet. Gateway1 (607) sets source and destination system addresses and copies the payload to the packet. Gateway1 (607) then transmits the packet to host5 (605).
Packet 687 arrives at host5 (605) and no further changes to addresses are made. Thus, an application running on host5 (605) receives packet 688 containing a source address: 10.2.0.6 and a destination address: 172.19.0.5.
In an implementation, various components depicted in one or more of the figures may perform similar actions as other, similar components depicted in another one or more of the figures. Therefore, all features described with respect to any one of an address mapper, a database, a DNS query interceptor, a gateway, and a host depicted in the figures may apply to one or more of the another one of an address mapper, a database, a DNS query interceptor, a gateway, and a host, respectively depicted in another figure or figures.
Referring again to FIG. 3, suppose that host5 (314) (also referred to as a first host) wishes to obtain a destination address of host6 (334) (also referred to as a second host) to place in a packet that is destined for host6 (334). In an implementation, DNS 306 may receive a request from host5 (314) for a system address associated with a second host (i.e., host6 (344)). The second host is not in the same private network as host5 (314). Upon receiving the request from host5 (314), DNS 306 may return a system address. In one implementation, host5 (314) may support system addresses, in which case no mapping may be needed. Upon receiving the system address from DNS 306, host5 (314) may insert it as the destination address in the packet.
In one implementation, DNS query interceptor 365 may receive a request from host5 (315) for a native address of a second host. Host5 (314) may have network stack 317 that may not be compatible with a system address. Upon receiving the request from host5 (314), DNS query interceptor 365 may request the naming resolution of the second host on behalf of host5 (314) and obtain a system address, instead of a native address, from DNS 306. DNS query interceptor 365 may be in communication with DNS 306 and the address mapper 304. DNS query interceptor 365 may request address mapper 304 to map a system address into a translated native address. The address mapper may provide such mappings based on information provided by the DNS query interceptor and information stored in the database. Once DNS query interceptor 365 receives the translated native address, it may then transmit it to host5 (315).
In an implementation, referring again to FIG. 3, an address mapping system includes address mapping engine 364 and gateway 310. Address mapping engine 364 includes multiple mappings of respective input addresses to respective output addresses. Gateway 310 includes packet processing unit 353 which is configured to communicate with address mapping engine 364 with respect to output addresses. Gateway 310 replaces an input address with an output address. The output address includes one of a native address, a translated native address or a system address.
In an implementation, an output address is an address that is provided by an address mapper. The output address is a mapped address and is provided to a gateway.
In an implementation, the address mapping system further includes DNS query interceptor 365 in communication with address mapping engine 364. DNS query interceptor 365 is configured to issue queries for a host native address (associated with host6 (334)) or a host system address (associated with host6 (334)) on behalf of host5 (314). The queries are transmitted to DNS 306. Specifically, DNS query interceptor 365 communicates with DNS 306 to obtain the host native address or the host system address.
In an implementation, the address mapping system further includes at least one access point (e.g., access point1 (351)) associated with packet processing unit 353. The access point provides the multiple mappings to gateway 310.
In an implementation, the address mapping system is compatible with at least one of IPv4 addresses or IPv6 addresses.
In an implementation, packet processing unit 353 is further configured to identify a difference between network types, repackage packets into different network types, apply addresses returned by address mapper 304 and copy payload.
In an implementation, gateway 310 replaces another native address in a packet with the system address, where a native address portion of the system address is inserted into a native address field of the packet, and a reference value is inserted into one of: a header of the packet or a field in a tunnel.
In an implementation, address mapping engine 364 performs address mapping based on information provided by the gateways, DNS interceptors, and information in the database. The system further includes DNS query interceptor 365, in communication with address mapping engine 364 and DNS 306. Packet processing unit 353 may be configured to request address mapping from address mapper 304 based on information it provides to address mapper 304 and on information address mapper 304 obtains from DNS query interceptor 365 and information in the database 363. Gateway 310 replaces a native address associated with host5 (314) with a system address obtained from address mapper 304 and replaces the destination address with a system address obtained from the address mapper 304. Gateway 310 communicates, using the source and destination addresses obtained from address mapper 304, over network 305.
In an implementation, packet processing unit 353 may identify a difference between network types of network stacks 391, . . . , 392. Packet processing unit 353 may repackage packets into different network types in addition to applying mapped addresses returned by address mapper 304 and copy the payload.
In an implementation, gateway 310 further includes at least one access point (e.g., access point1 (351)) associated with packet processing unit 353. The access point provides the multiple mappings to gateway 310.
In an implementation, DNS query interceptor 365 communicates with a domain name system to obtain system addresses.
In an implementation, database 363 includes information used by address mapping engines to produce address mappings. The information may include stored mappings, various parameters, configuration, and any other data used in the process.
In an implementation, the address mapping system is compatible with at least one of IPv4 addresses or IPv6 addresses.
In an implementation depicted by FIGS. 6A, 6B and 6C, gateways may be capable of interpreting system addresses while hosts may not. Therefore, gateways and DNS query interceptors translate system addresses to comply or be compatible with hosts. In other implementations, when hosts may be able to interpret system addresses, it may not be necessary to map system addresses to native addresses. In such implementations, instead of a host requesting a destination address from a DNS query interceptor, the host may directly query a DNS. Therefore, the DNS query interceptor may be bypassed or the DNS query interceptor may be an optional component in such implementations. Details regarding the use or bypassing of a DNS query interceptor (also referred to as a query interceptor) are described herein with respect to FIG. 7.
FIG. 7 is a flowchart of a method of obtaining an address of a host. In an implementation, FIG. 7 may be associated with and include the steps described above with respect to FIGS. 4A and 4B. In an implementation, examples relating to FIG. 7 are described herein with respect to FIG. 6A. At decision block 704, a determination is made whether a first host (e.g., host5) is able to interpret system addresses. The determination may be made by the first host or another connected device, or by configuration by an administrator.
In response to decision block 704 returning a “no,” the method continues to block 706. In block 706, a query interceptor receives a request from the first host for a native address associated with a second host. Referring to FIG. 6A, DNS query interceptor 665 receives a request from host5 (605) for a destination address associated with host6 (606).
Referring again to FIG. 7, in block 708, the query interceptor requests, from a domain name system, a system address associated with the second host. Referring to FIG. 6A, DNS query interceptor 665 requests, from DNS 600, a system address associated with host6 (606).
Referring again to FIG. 7, in block 710, the query interceptor receives the system address associated with the second host and transmits the system address associated with the second host to an address mapper. Referring to FIG. 6A, DNS query interceptor 665 receives the system address of host6 (606): 22.0.0.2+266 and transmits it to address mapper 603.
Referring again to FIG. 7, in block 712, the address mapper receives the system address associated with the second host. Referring to FIG. 6A, address mapper 603 receives the system address associated with host6 (606).
Referring again to FIG. 7, in block 714, the address mapper maps the system address associated with the second host to the translated native address determined in view of a first host network protocol. Referring to FIG. 6A, address mapper 603 maps the system address: 22.0.0.2+266 to the translated native address: 10.2.0.6 which is determined in view of host5 (605)'s network protocol.
Referring again to FIG. 7, in block 716, the address mapper transmits the translated native address to the query interceptor as the destination address. Referring to FIG. 6A, address mapper 603 transmits the translated native address: 10.2.0.6 to DNS query interceptor 665 as the destination address.
Referring again to FIG. 7, in block 718, the query interceptor transmits the destination address to the first host. Referring to FIG. 6A, DNS query interceptor 665 transmits the destination address to host5 (605).
The method then ends.
In response to decision block 704 returning a “yes,” the method continues to block 720. In block 720, the first host transmits a request for a system address associated with a second host to a domain name system. Referring to FIG. 6A, host5 (605) transmits a request for a system address associated with host6 (606) to domain name system 600.
Referring again to FIG. 7, in block 722, the first host receives the system address obtained from the domain name system. Referring to FIG. 6A, host5 (605) receives the system address: 22.0.0.2+266 from DNS 600.
The method then ends.
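The FIG. 7 decision and both of its branches can be traced in code. The following Python sketch is an added example, not part of the disclosure: the class names, the hostnames, the 10.2.0.0/24 pool and the allocate-from-pool behavior for system addresses with no stored mapping are assumptions, and only the 22.0.0.2+266 to 10.2.0.6 mapping is taken from the text.

```python
import ipaddress
from dataclasses import dataclass
from typing import Union

IPAddr = Union[ipaddress.IPv4Address, ipaddress.IPv6Address]


@dataclass(frozen=True)
class SystemAddress:
    """Native address plus reference value, written '<address>+<reference>'."""
    native: IPAddr
    reference: int

    @classmethod
    def parse(cls, text: str) -> "SystemAddress":
        native, sep, ref = text.partition("+")
        if not sep or not ref.isdigit():
            raise ValueError(f"not a system address: {text!r}")
        return cls(ipaddress.ip_address(native), int(ref))

    def __str__(self) -> str:
        return f"{self.native}+{self.reference}"


class AddressMapper:
    """Blocks 712-716: map a system address to a translated native address."""

    def __init__(self, pool: str, stored: dict):
        self.pool = ipaddress.ip_network(pool)  # assumed local pool
        self.db = {SystemAddress.parse(k): ipaddress.ip_address(v)
                   for k, v in stored.items()}
        self.reverse = {v: k for k, v in self.db.items()}  # for return traffic
        self._free = iter(self.pool.hosts())

    def map_to_translated(self, sysaddr: SystemAddress, host_ip_version: int) -> IPAddr:
        # "Determined in view of a first host network protocol".
        if host_ip_version != self.pool.version:
            raise ValueError("pool does not match the host's network protocol")
        if sysaddr in self.db:  # a stored mapping is reused
            return self.db[sysaddr]
        for candidate in self._free:  # otherwise allocate (assumed behavior)
            if candidate not in self.reverse:
                self.db[sysaddr] = candidate
                self.reverse[candidate] = sysaddr
                return candidate
        raise RuntimeError("translated-address pool exhausted")


class QueryInterceptor:
    """Blocks 706-718: resolve on behalf of a host that needs native addresses."""

    def __init__(self, dns: dict, mapper: AddressMapper):
        self.dns, self.mapper = dns, mapper

    def resolve(self, name: str, host_ip_version: int) -> str:
        sysaddr = SystemAddress.parse(self.dns[name])  # blocks 708-710
        return str(self.mapper.map_to_translated(sysaddr, host_ip_version))


def obtain_destination(name, host_reads_system_addresses, dns, interceptor,
                       host_ip_version=4):
    if host_reads_system_addresses:  # block 704 "yes": blocks 720-722
        return dns[name]
    return interceptor.resolve(name, host_ip_version)  # "no": blocks 706-718


# Constructed sample data; host9.example and its reference value are invented.
DNS = {"host6.example": "22.0.0.2+266", "host9.example": "22.0.0.2+301"}
MAPPER = AddressMapper("10.2.0.0/24", {"22.0.0.2+266": "10.2.0.6"})
INTERCEPTOR = QueryInterceptor(DNS, MAPPER)

if __name__ == "__main__":
    print(obtain_destination("host6.example", False, DNS, INTERCEPTOR))
    print(obtain_destination("host6.example", True, DNS, INTERCEPTOR))
    print(obtain_destination("host9.example", False, DNS, INTERCEPTOR))
```

The reverse table is what lets a gateway turn the translated native address back into the system address when the host replies.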
Some lines are depicted in the figures as dashed lines and thus, these lines may be optional.
FIG. 8 illustrates a block diagram of an illustrative computing device operating, in accordance with the examples of the disclosure. In alternative implementations, the machine may be connected (e.g., networked) to other machines in a LAN, an intranet, an extranet, or the Internet. The machine may operate in the capacity of a server or a client device in a client-server network environment, or as a peer machine in a peer-to-peer (or distributed) network environment. The machine may be a personal computer (PC), a tablet PC, a set-top box (STB), a Personal Digital Assistant (PDA), a cellular telephone, a web appliance, a server, a network router, switch or bridge, or any machine capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken by that machine. Further, while only a single machine is illustrated, the term “machine” shall also be taken to include any collection of machines that individually or jointly execute a set (or multiple sets) of instructions to perform any one or more of the methodologies discussed herein.
The computer system 800 includes a processing device 802, a main memory 804 (e.g., read-only memory (ROM), flash memory, dynamic random access memory (DRAM) (such as synchronous DRAM (SDRAM) or RDRAM), etc.), a static memory 806 (e.g., flash memory, static random access memory (SRAM), etc.), and a data storage device 818, which communicate with each other via a bus 808.
Processing device 802 represents one or more general-purpose processing devices such as a microprocessor, central processing unit, or the like. More particularly, the processing device may be a complex instruction set computing (CISC) microprocessor, reduced instruction set computer (RISC) microprocessor, very long instruction word (VLIW) microprocessor, or processor implementing other instruction sets, or processors implementing a combination of instruction sets. Processing device 802 may also be one or more special-purpose processing devices such as an application specific integrated circuit (ASIC), a field programmable gate array (FPGA), a digital signal processor (DSP), network processor, or the like. The processing device 802 is configured to execute the instructions 826 for performing the operations and steps discussed herein.
In accordance with one or more aspects of the present disclosure, processing device 802 may be configured to execute address mapper 304 implementing methods 400, 420, and 700 for providing system addresses. Although address mapper 304 is depicted in FIG. 8, in other implementations, not depicted, address mapper 324, address mapper 513, address mapper 514, address mapper 603, address mapper 604, DNS query interceptor 365, DNS query interceptor 385, DNS query interceptor 665, and/or DNS query interceptor 666 may also be included within processing device 802 and/or non-transitory computer-readable storage medium 824.
The computer system 800 may further include a network interface device 822 communicably coupled to a network 874. The computer system 800 also may include a video display unit 810 (e.g., a liquid crystal display (LCD) or a cathode ray tube (CRT)), an alphanumeric input device 812 (e.g., a keyboard), a cursor control device 814 (e.g., a mouse), and a signal generation device 820 (e.g., a speaker).
The data storage device 818 may include a non-transitory computer-readable storage medium 824 on which is stored instructions 826 embodying any one or more of the methodologies or functions described herein. The instructions 826 may also reside, completely or at least partially, within the main memory 804 as instructions 826 and/or within the processing device 802 as instructions 826 during execution thereof by the computer system 800; the main memory 804 and the processing device 802 also constituting machine-accessible storage media.
In accordance with one or more aspects of the present disclosure, instructions 826 may comprise executable instructions encoding various functions of implementing methods 400, 420, and 700 for providing system addresses.
The non-transitory computer-readable storage medium 824 may also be used to store instructions 826 to implement any one or more of the methodologies or functions described herein in a computer system, such as the system described with respect to FIGS. 3, 5A, and/or 6A, and/or a software library containing methods that call the above applications.
While the non-transitory computer-readable storage medium 824 is shown in an example implementation to be a single medium, the term “non-transitory computer-readable storage medium” should be taken to include a single medium or multiple media (e.g., a centralized or distributed database, and/or associated caches and servers) that store the one or more sets of instructions. The term “non-transitory computer-readable storage medium” shall also be taken to include any medium that is capable of storing, encoding or carrying a set of instructions for execution by the machine and that cause the machine to perform any one or more of the methodologies of the disclosure. The term “non-transitory computer-readable storage medium” shall accordingly be taken to include, but not be limited to, solid-state memories, and optical and magnetic media.
In the foregoing description, numerous details are set forth. It may be apparent, however, that the disclosure may be practiced without these specific details. In some instances, well-known structures and devices are shown in block diagram form, rather than in detail, in order to avoid obscuring the disclosure.
Some portions of the detailed descriptions which follow are presented in terms of algorithms and symbolic representations of operations on data bits within a computer memory. These algorithmic descriptions and representations are the means used by those skilled in the data processing arts to most effectively convey the substance of their work to others skilled in the art. An algorithm is here, and generally, conceived to be a self-consistent sequence of steps leading to a desired result. The steps are those requiring physical manipulations of physical quantities. Usually, though not necessarily, these quantities take the form of electrical or magnetic signals capable of being stored, transferred, combined, compared, and otherwise manipulated. It has proven convenient at times, principally for reasons of common usage, to refer to these signals as bits, values, elements, symbols, characters, terms, numbers, or the like.
It should be borne in mind, however, that all of these and similar terms are to be associated with the appropriate physical quantities and are merely convenient labels applied to these quantities. Unless specifically stated otherwise, as apparent from the following discussion, it is appreciated that throughout the description, discussions utilizing terms such as “receiving”, “initiating”, “generating”, “determining”, “sending”, “invoking”, “storing”, “updating”, “identifying”, “presenting”, “causing”, or the like, refer to the action and processes of a computer system, or similar electronic computing device, that manipulates and transforms data represented as physical (electronic) quantities within the computer system's registers and memories into other data similarly represented as physical quantities within the computer system memories or registers or other such information storage, transmission or display devices.
The disclosure also relates to an apparatus for performing the operations herein. This apparatus may be specially constructed for the required purposes, or it may comprise a general purpose computer selectively activated or reconfigured by a computer program stored in the computer. Such a computer program may be stored in a machine-readable storage medium, such as, but not limited to, any type of disk including floppy disks, optical disks, CD-ROMs, and magnetic-optical disks, read-only memories (ROMs), random access memories (RAMs), EPROMs, EEPROMs, magnetic or optical cards, or any type of media suitable for storing electronic instructions, each coupled to a computer system bus.
The algorithms and displays presented herein are not inherently related to any particular computer or other apparatus. Various general purpose systems may be used with programs in accordance with the teachings herein, or it may prove convenient to construct more specialized apparatus to perform the required method steps. The required structure for a variety of these systems may appear as set forth in the description below. In addition, the disclosure is not described with reference to any particular programming language. It may be appreciated that a variety of programming languages may be used to implement the teachings of the disclosure as described herein.
The disclosure may be provided as a computer program product, or software, that may include a machine-readable storage medium having stored thereon instructions, which may be used to program a computer system (or other electronic devices) to perform a process according to the disclosure. A machine-readable storage medium includes any mechanism for storing or transmitting information in a form readable by a machine (e.g., a computer). For example, a machine-readable (e.g., computer-readable) medium includes a machine (e.g., a computer) readable storage medium (e.g., read only memory (“ROM”), random access memory (“RAM”), magnetic disk storage media, optical storage media, flash memory devices, etc.), etc.
For purposes of this disclosure, any element mentioned in the singular also includes the plural.
Although some figures depict lines with arrows to represent intra-network or inter-network communication, in other implementations, additional arrows may be included to represent communication. Therefore, the arrows depicted by the figures do not limit the disclosure to one-directional or bi-directional communication.
Whereas many alterations and modifications of the disclosure may no doubt become apparent to a person of ordinary skill in the art after having read the foregoing description, it is to be understood that any particular example shown and described by way of illustration is in no way intended to be considered limiting. Therefore, references to details of various examples are not intended to limit the scope of the claims, which in themselves recite only those features regarded as the disclosure.